In early December 2022, GoDaddy got complaints from a small number of customers. It was about their websites being intermittently redirected. Upon investigation, it was discovered that an unauthorized third party had gained access. It was access to servers in GoDaddy’s cPanel shared hosting environment. Also, there was malware installation causing the intermittent redirection of customer websites. It was a disastrous malware attack. The company remediated the situation and implemented security measures to prevent future infections.

The Investigation on malware attack

The GoDaddy team quickly initiated an investigation into the incident. They found that the intermittent redirects were happening on seemingly random websites hosted on their cPanel. They shared hosting servers and were not easily reproducible by the company, even on the same website.

The team was quick to respond to the situation and implemented necessary security measures to prevent future infections. However, they have been working with multiple law enforcement agencies across the globe along with forensics experts. This was to further investigate the issue.

Sophisticated and Organized Group

The company also have legal evidence that the sophisticated and organized group is responsible for the incident. This group was targeting hosting services like GoDaddy. According to information received by the company, the group’s apparent goal is to infect websites and servers with malware. It was for phishing campaigns, malware distribution, and other malicious activities.

As GoDaddy continues to monitor the group’s behavior and block their attempts, they are actively collecting evidence and information regarding their tactics and techniques to help law enforcement.

Response and Apology for malware attack

GoDaddy apologizes for any inconvenience the incident may have caused to its customers or visitors to their websites. They are using the lessons learned from this incident to enhance the security of their systems and further protect their customers and their data.

GoDaddy is a leading web hosting company that provides a range of services, including domain registration, web hosting, and website building tools. The company has over 20 million customers and manages over 80 million domain names worldwide.

GoDaddy incident highlights the importance of website security and the need for web hosting companies to remain vigilant. It is essential that businesses and individuals who rely on web hosting services to maintain their websites take the necessary steps to secure their data and prevent unauthorized access. With the right security measures in place, businesses and individuals can protect their websites and online presence from cyber attacks.