Hackers Hijack Many New Company Accounts With Domain Names On Squarespace



Introduction

More than one dozen firms with domain names found across Squarespace witnessed their websites get hijacked recently. This incident highlights a critical flaw in domain security that needs immediate attention. Domain security is paramount as it protects the online identity and assets of businesses.

Background

In June of last year, Squarespace acquired assets belonging to Google Domains, encompassing nearly 10 million domain names. The acquisition aimed to streamline services and provide a unified platform for domain management. However, the migration process left several vulnerabilities exposed.

The Hijacking Incident

The domain hijacking incident lasted from July 9th to 12th, primarily targeting crypto-themed entities such as Celer Network and Pendle Finance. During this period, malicious hackers took advantage of the migration process's loopholes, leading to significant security breaches.

How the Hijacking Occurred

Hackers exploited a flaw in the migration process that allowed them to supply email IDs linked to a domain that was still under registration. Without proper email validation, attackers could easily create accounts linked to these domains, bypassing the need for passwords initially set by legitimate users.

Impact on Crypto-Themed Entities

The hijacking primarily affected crypto-themed entities, which are lucrative targets due to the substantial funds involved. Companies like Celer Network and Pendle Finance faced potential financial losses as their domain names were compromised, putting their users at risk.

Redirecting to Phishing Sites

Once the attackers gained control of the domains, they redirected them to phishing sites designed to steal crypto funds from visitors. This method is particularly dangerous as it exploits the trust users place in these platforms, leading to significant financial losses.

Squarespace's Response

In the wake of the incident, Squarespace opted to remain silent initially, offering no comments or statements regarding the attack. However, the company has since taken steps to address the vulnerabilities and prevent future incidents.

Expert Analysis

Cybersecurity experts have analyzed the incident, highlighting the flaws in Squarespace's migration process. The assumption that users would opt for 'Continue with Apple or Google' over 'Continue with email' proved to be a critical oversight.

Metamask's Insight

The head of Metamask explained how Squarespace never anticipated threat actors signing up for accounts linked to newly migrated domains before the legitimate email holders did. This oversight allowed attackers to exploit the system and hijack the domains.

Lack of Domain Activity Insights

One major concern is the absence of activity insights or audit logs for domains managed by Squarespace. Without these logs, it's challenging to detect and respond to unauthorized actions, making domains vulnerable to hijacking without any alerts being sent.

Further Exploitation Risks

The lack of robust security measures means that future exploitation risks remain high. It's crucial for Squarespace and other domain management platforms to implement stricter security protocols to safeguard their users' assets.

Steps for Affected Users

For users affected by the hijacking, immediate actions include enabling two-factor authentication, reviewing and removing unnecessary contributor accounts, and reverting unauthorized changes. Long-term security practices should involve regular monitoring of domain activity and employing strong, unique passwords.

Preventing Future Attacks

To prevent future attacks, Squarespace must improve its security measures, including mandatory email validation and comprehensive audit logs. Users should also be vigilant and proactive in securing their domains, using robust security tools and practices.

Conclusion

The recent domain hijacking incident at Squarespace serves as a stark reminder of the importance of domain security. By addressing the vulnerabilities and implementing stronger security measures, both Squarespace and its users can better protect their online assets and identities.

FAQs

How did the hackers exploit the flaw?

Hackers exploited a flaw in the migration process by supplying email IDs linked to domains that were still under registration, allowing them to create accounts without proper validation.

Which companies were most affected?

Crypto-themed entities like Celer Network and Pendle Finance were among the most affected, facing potential financial losses due to the hijacking.

What steps should users take now?

Affected users should enable two-factor authentication, review and remove unnecessary contributor accounts, revert unauthorized changes, and regularly monitor their domain activity.

How can future domain hijackings be prevented?

Future hijackings can be prevented by implementing stricter security measures, such as mandatory email validation, comprehensive audit logs, and robust monitoring tools.

What changes has Squarespace implemented post-attack?

Squarespace has started disallowing the creation of new accounts using only an email address and is likely working on further security enhancements to prevent similar incidents in the future.

Tags: Hackers Hijack Company Accounts, Squarespace Domain Hijacking, Cybersecurity Incident, Crypto-Themed Entities, Domain Security Flaws, Google Domains Acquisition, Phishing Attacks, Domain Migration Vulnerabilities, Email Validation Issues, Cybersecurity Measures, Two-Factor Authentication, Domain Management Security, Squarespace Response, Protecting Online Assets, Cybersecurity Best Practices

Read more : https://www.hostingbyalitech.com/blog

Alitech Blog

Posted in Uncategorized on Jul 19, 2024



Breaking! NFTs Coming to Instagram-META-Facebook Mark Zuckerberg - 2022

Posted in News on Mar 24, 2022

NFTs Coming to Instagram Soon, Says META - Facebook CEO Mark Zuckerberg According to news reports, Zuckerberg said, “We’re working...



[SOLVED / FIXED] node is not recognised as internal command

Posted in Technical Solutions on Jul 13, 2022

[SOLVED / FIXED] node is not recognised as internal command



The Future of AI and Cloud Computing: A Global Perspective

Posted on Oct 03, 2024

Cloud computing and artificial intelligence (AI) are transforming the technological landscape at an unprecedented pace. These two forces have become vital for businesses aiming to scale, innovate, and stay competitive in a digital-first world. As major corporations like Microsoft, Google, and Oracle make significant investments in cloud infrastructure and AI capabilities, it's clear that these technologies will shape the future of industries worldwide. In this article, we'll dive deep into the latest developments in AI and cloud computing, with a focus on global investments, emerging technologies, and the impact on businesses across different regions.



[SOLVED / FIXED] django.core.exceptions.ImproperlyConfigured: Requested setting AUTH_USER_MODEL

Posted on Mar 27, 2022

[SOLVED / FIXED] django.core.exceptions.ImproperlyConfigured: Requested setting AUTH_USER_MODEL ERROR / PROBLEM: Starting the Python Shell in the terminal inside virtual environment.



The Manifest Hails AliTech Solutions as One of the Most Reviewed IT Services Companies in Pakistan

Posted in About Hosting by AliTech on Jun 07, 2024

AliTech Solutions is proud to be recognized by The Manifest as one of the most reviewed IT services companies in Pakistan, showcasing our commitment to excellence and client satisfaction.



Hackers Hijack Many New Company Accounts With Domain Names On Squarespace

Posted in Uncategorized on Jul 19, 2024

In July 2024, hackers exploited a vulnerability in Squarespace's domain migration process, hijacking over a dozen company accounts, primarily targeting crypto-themed entities. This article delves into the incident, the impact on affected companies, and the necessary steps to enhance domain security.



[SOLVED / FIXED ] Kubernetes / Docker could not create directory. wordpress

Posted in Technical Solutions on Apr 30, 2022

[SOLVED / FIXED ] Kubernetes / Docker could not create directory. wordpress ERROR: could not create directory SOLUTION / FIX: chown -R www-data:www-data /var/www



How LinkedIn Became a Hub for AI-Generated Content

Posted in News on Nov 29, 2024

LinkedIn has always been a platform for professionals to network, find job opportunities, and share career-related content. However, over the past few years, it has evolved into something more, a place where thought leaders, influencers, and even job seekers have turned to AI-powered tools to help generate content. This shift has been a major factor in the rise of AI-generated posts, with over half of LinkedIn’s long-form posts being created by AI as of October 2024.



[SOLVED] django.db.utils.OperationalError: (1091, "Can't DROP 'column_name'; check that column/key exists")

Posted on Jan 11, 2022

[SOLVED] django.db.utils.OperationalError: (1091, "Can't DROP 'column_name'; check that column/key exists") PROBLEM / ERROR: django.db.utils.OperationalError: (1091, "Can't DROP 'column_name'; check that column/key exists")



Firewall in Pakistan: Restricting Online Freedom and Access 2024

Posted in News on Aug 19, 2024

Pakistan's government is set to implement a nationwide firewall, sparking concerns about internet censorship and restrictions on online dissent. The firewall will monitor and control internet usage, targeting social media platforms and regulating VPNs. With a history of internet restrictions, this move raises questions about the future of free expression and democratic engagement in Pakistan. Key Points: Pakistan's national firewall will control access to social media platforms and monitor online activities The firewall aims to track and control internet usage, including VPNs Lack of transparency surrounding the project's scope and implications International concerns about the impact on freedom of expression and democratic principles Experts warn of potential risks to online privacy and security Read the full article to learn more about Pakistan's national firewall and its implications for internet freedom.



Understanding and Preventing 'Sitting Ducks' Attacks

Posted in Uncategorized on Aug 02, 2024

In recent cybersecurity news, the emergence of the "Sitting Ducks" attack has posed a significant threat to domain name owners, exposing vulnerabilities in the Domain Name System (DNS) that can lead to severe security breaches. This comprehensive guide will delve into the intricacies of these attacks, their impact, and effective strategies for prevention.



Saudi Arabia to get AstraZeneca Vaccine from India

Posted in News on Jan 27, 2021

Kingdom of Saudi Arabia (KSA) to get AstraZeneca Vaccine shots from from India in about a week. The Serum Institute of India (SII) will supply Saudi Arabia with 3 million AstraZeneca COVID-19 vaccine doses priced at $5.25 each in about a week on behalf of the British drugmaker, its chief executive told Reuters on Monday.



Get 12 Months of AWS Wordpress Hosting for Free

Posted in Hosting Promotions, News, Technical Solutions on Sep 08, 2022

Introduction to AWS Free Tier AWS Free Tier includes many free services which are always free and many services which are offered free for 12 months plan.



[SOLVED / FIXED] Python Django - TypeError: can't multiply sequence by non-int of type 'float'

Posted in Technical Solutions on Apr 02, 2022

[SOLVED / FIXED] Python Django - TypeError: can't multiply sequence by non-int of type 'float' Error: Language : Python Django TypeError: can't multiply sequence by non-int of type 'float'<strong>SOLUTION / FIX



[SOLVED/FIXED] Python Django - crbug non-JS module files deprecated.

Posted in Technical Solutions on Feb 28, 2022

[SOLVED/FIXED] Python Django - crbug/1173575, non-JS module files deprecated. ERROR: ERR_TOO_MANY_REDIRECTS SOLUTION:



Comprehensive Guide to Web Hosting and Business Website Creation

Posted in Uncategorized on Jun 25, 2024

Creating a robust online presence is crucial for any business. This guide explores web hosting options, domain registration, and website creation tools. We cover reseller hosting plans, VPS hosting, Magento hosting, and the best hosting providers for small businesses. We also discuss how to create a business website for free and the best platforms for blog hosting



Metro-Goldwyn-Mayer (MGM) Inks Cloud Computing Deal With Amazon in Search for "New Revenue Opportunities"

Posted in News on Feb 09, 2021

MGM (a private company) is set to move all of its content to Amazon’s cloud and use the tech giant’s software to modernize its media supply chain. Metro Goldwyn Mayer has signed a cloud computing agreement with Amazon Web Services to move its content and distribution efforts to the tech giant’s cloud. The James Bond studio is set to move all of its content to Amazon's cloud and use the tech giant's software to modernize its media supply chain.



Ransomware attack forces web hosting provider Managed.com

Posted in News on Jan 25, 2021

Ransomware attack forces web hosting provider Managed.com to take servers offline.




Other Blogs


Breaking! NFTs Coming to Instagram-META-Facebook Mark Zuckerberg - 2022

Posted in News on Mar 24, 2022 and updated on Mar 24, 2022

[SOLVED / FIXED] node is not recognised as internal command

Posted in Technical Solutions on Jul 13, 2022 and updated on Jul 13, 2022

The Future of AI and Cloud Computing: A Global Perspective

Posted on Oct 03, 2024 and updated on Oct 03, 2024

How LinkedIn Became a Hub for AI-Generated Content

Posted in News on Nov 29, 2024 and updated on Nov 29, 2024

Firewall in Pakistan: Restricting Online Freedom and Access 2024

Posted in News on Aug 19, 2024 and updated on Aug 19, 2024

Understanding and Preventing 'Sitting Ducks' Attacks

Posted in Uncategorized on Aug 02, 2024 and updated on Aug 02, 2024

Saudi Arabia to get AstraZeneca Vaccine from India

Posted in News on Jan 27, 2021 and updated on Mar 30, 2022

Get 12 Months of AWS Wordpress Hosting for Free

Posted in Hosting Promotions, News, Technical Solutions on Sep 08, 2022 and updated on Sep 07, 2022

Comprehensive Guide to Web Hosting and Business Website Creation

Posted in Uncategorized on Jun 25, 2024 and updated on Jun 25, 2024

Ransomware attack forces web hosting provider Managed.com

Posted in News on Jan 25, 2021 and updated on Mar 30, 2022







Comments

Please sign in to comment!






Subscribe To Our Newsletter

Stay in touch with us to get latest news and discount coupons