Slashdot Mirror


GoDaddy Accounts Vulnerable To Social Engineering (and Photoshop)

itwbennett writes: On Tuesday, Steve Ragan's GoDaddy account was compromised. He knew it was coming, but considering the layered account protections used by the world's largest domain registrar, he didn't think the attacker would be successful. He was wrong. Within days, the attacker gained control over Steve's account just by speaking to customer support and submitting a Photoshopped ID.

11 of 70 comments

  1. Meh by grimmjeeper · · Score: 5, Insightful

    This is reason 363956 why you don't want to use GoDaddy to host your name or accounts.

  2. I call BS... by fuzzyfuzzyfungus · · Score: 5, Funny

    I'm not sure I believe this story. GoDaddy doesn't offer customer support, so how could the social engineers have spoken to them?

  3. Godaddy are thieving wankers dot com by Dr_Barnowl · · Score: 5, Interesting

    ... is the name of a domain name I searched for on their site to see if they'd bite.

    A few years ago I thought I'd buy a domain for myself. Went and searched for it on their site. NEVER DO THIS.

    It wasn't taken.

    I ummed and aahed and slept on it.

    I came back. It was taken. By Domains By Proxy LLC. Who are owned by GoDaddy.

    It seems to have been sold on to another speculator, unless Afternic are them too. (I just checked. Afternic were bought out by GoDaddy in 2013).

    I own the .co.uk variant of it now. I used GANDI, who by all accounts, are not wankers.

    So, if you want a domain, be prepared to buy it on the spot if it's available. And use a registrar who aren't arseholes.

    1. Re:Godaddy are thieving wankers dot com by cdrudge · · Score: 3, Informative

      I don't know if Godaddy speculates under Domains By Proxy, but Domains By Proxy is also what they list for any account that has enabled the "whois privacy" feature to mask their contact information. It's possible you were just a victim of bad luck.

    2. Re:Godaddy are thieving wankers dot com by Dr_Barnowl · · Score: 4, Insightful

      For a 2 word .com domain name that had been previously unregistered for 30 years? And was registered for the first time shortly after I fed it into a whois query box on their site?

      No. There's no coincidence there.

    3. Re:Godaddy are thieving wankers dot com by Bender+Unit+22 · · Score: 2

      I experienced the same with a Danish DNS company 15 years ago. I came up with a good, short name, never registered before. Filled out the form and paid with credit card, only to have it rejected the next day because all of a sudden it was already registered by the same registrar but to some odd company I could not find any information on.

    4. Re:Godaddy are thieving wankers dot com by sribe · · Score: 4, Interesting

      ...there is some additional asshattery...

      There is some period for which they can register, then cancel, without paying fees upstream.

  4. Re:No Duh. by david_thornley · · Score: 4, Interesting

    If somebody does that and removes money from your bank, the bank is going to have to show it was really you, or that there was sufficient authentication by a route you agreed to. A conversation with a bank employee and a photoshopped ID are not going to be considered sufficient authentication. If it turns out the bank was liable, it is going to have to restore the money, and it will be able to do so. Recovering the money fraudulently taken from the bank is, after that, the bank's problem.

    There have been cases where stolen domains (where the evidence is clear) are never returned. It seems to depend on the registrar, and that's a good reason not to use GoDaddy.

    --
    "When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
  5. Re:Gimped by Lunix+Nutcase · · Score: 2

    Yes, they are sure.

    "This was probably overkill, but I’m a perfectionist when it comes to these things. The subtitles in the driver's license seal were no match for Photoshop's 'content aware and replace' feature. It wasn't perfect, so the majority of my time was spent pushing pixels until it looked right. A little blur and grain go a long way to making something look authentic," Mr. Troia said.

  6. Re:No Duh. by rot26 · · Score: 2

    namecheap.

    Not affiliated, blah blah blah and so on and so on.

    --
    To ensure perfect aim, shoot first and call whatever you hit the target
  7. Barriers to transferring away from GoDaddy by whoever57 · · Score: 4, Informative

    I recently transferred one domain (I plan to transfer the rest), but came across an interesting issue in the process. The domain used a proxy registration to hide my information (as recommended in TFA), but, in order to allow the transfer, I had to disable the proxy registration and make it public. Thus, for some time, my privacy protection was not effective. Now this wasn't a big deal for me, but it could be for others.

    Also, note that GoDaddy's domains by proxy makes the total cost of a private domain registration far higher than many other registrars.

    --
    The real "Libtards" are the Libertarians!