GoDaddy disabled 15,000 subdomains used in spam operations

a minute read

Hosting provider and domain registrar GoDaddy has disabled more than 15,000 subdomains that were used as part of a massive spam operation designed to attract users to pages selling fake products.

Users received an email with a product advertisement. If they clicked on links in a letter, they would end up on one of the subdomains created on legitimate websites – without the knowledge of their owners.

Among the products advertised through these subdomains were supplements to improve brain function, diet pills, hemp oil, and other dietary supplements.

A network of malicious subdomains was discovered by security researcher at Palo Alto Networks, Jeff White . It happened about two years ago. All this time, White collected letters sent by fraudsters and indexed URLs promoting fake products. After collecting enough data, he relayed this information to GoDaddy.

GoDaddy’s own investigation revealed that the scammers also carried out phishing attacks in order to gain access to the accounts of the company’s clients.

Having access to their accounts, the attackers created subdomains on the GoDaddy client sites, which they then used to place pages advertising the products and ensure the flow of users to them using spam mailings.

According to GoDaddy, “several hundred” accounts were thus compromised. For security reasons, passwords were reset in all of them, and affected users notified of the incident.

According to the hoster, the “shadow” subdomains received millions of transitions.

Recall earlier it became known that GoDaddy inserts  JavaScript-code on the sites, which can reduce performance and lead to problems in the work of the resource.

Facebook Twitter LinkedIn Telegram Pocket

Related Posts:

Accenture, an international consulting company, shared the survey results, which was attended by 1,000 CEOs and directors of marketing in different countries. 90% of respondents surveyed believe that marketing is undergoing a profound transformation, based on customer orientation and customer expectations, or “hyper-relevance.” According to  Pavel Rodygin , Head of Interactive at Accenture Digital Russia, hyper relevance is not so much a characteristic of marketing, but of the entire cust...
In December of this year, PHP 5.6 and 7.0 will stop receiving security updates. According to WordPress, these versions are used on 57.1% of WP sites. Accordingly, in a short time these resources will become less protected. As vulnerabilities will stop closing, the use of outdated versions of PHP threatens sites with traffic loss and ranking problems. In addition to possible hacker attacks, there are also problems with the work of individual plugins and WordPress itself. Therefore, owners ...
Do you want to add notifications to the admin panel in WordPress? Admin notifications are used by the WordPress core, themes, and plugins to display warnings, notifications, and important information for users on the screen. In this article, we will show you how to add notifications to the WordPress admin panel. Why And When Should I Use Admin Messages In WordPress? WordPress uses notifications in the admin panel to inform users of errors, warnings and messages about the successful completion ...