Hackers Hijack Many New Company Accounts With Domain Names On Squarespace



Introduction

More than one dozen firms with domain names found across Squarespace witnessed their websites get hijacked recently. This incident highlights a critical flaw in domain security that needs immediate attention. Domain security is paramount as it protects the online identity and assets of businesses.

Background

In June of last year, Squarespace acquired assets belonging to Google Domains, encompassing nearly 10 million domain names. The acquisition aimed to streamline services and provide a unified platform for domain management. However, the migration process left several vulnerabilities exposed.

The Hijacking Incident

The domain hijacking incident lasted from July 9th to 12th, primarily targeting crypto-themed entities such as Celer Network and Pendle Finance. During this period, malicious hackers took advantage of the migration process's loopholes, leading to significant security breaches.

How the Hijacking Occurred

Hackers exploited a flaw in the migration process that allowed them to supply email IDs linked to a domain that was still under registration. Without proper email validation, attackers could easily create accounts linked to these domains, bypassing the need for passwords initially set by legitimate users.

Impact on Crypto-Themed Entities

The hijacking primarily affected crypto-themed entities, which are lucrative targets due to the substantial funds involved. Companies like Celer Network and Pendle Finance faced potential financial losses as their domain names were compromised, putting their users at risk.

Redirecting to Phishing Sites

Once the attackers gained control of the domains, they redirected them to phishing sites designed to steal crypto funds from visitors. This method is particularly dangerous as it exploits the trust users place in these platforms, leading to significant financial losses.

Squarespace's Response

In the wake of the incident, Squarespace opted to remain silent initially, offering no comments or statements regarding the attack. However, the company has since taken steps to address the vulnerabilities and prevent future incidents.

Expert Analysis

Cybersecurity experts have analyzed the incident, highlighting the flaws in Squarespace's migration process. The assumption that users would opt for 'Continue with Apple or Google' over 'Continue with email' proved to be a critical oversight.

Metamask's Insight

The head of Metamask explained how Squarespace never anticipated threat actors signing up for accounts linked to newly migrated domains before the legitimate email holders did. This oversight allowed attackers to exploit the system and hijack the domains.

Lack of Domain Activity Insights

One major concern is the absence of activity insights or audit logs for domains managed by Squarespace. Without these logs, it's challenging to detect and respond to unauthorized actions, making domains vulnerable to hijacking without any alerts being sent.

Further Exploitation Risks

The lack of robust security measures means that future exploitation risks remain high. It's crucial for Squarespace and other domain management platforms to implement stricter security protocols to safeguard their users' assets.

Steps for Affected Users

For users affected by the hijacking, immediate actions include enabling two-factor authentication, reviewing and removing unnecessary contributor accounts, and reverting unauthorized changes. Long-term security practices should involve regular monitoring of domain activity and employing strong, unique passwords.

Preventing Future Attacks

To prevent future attacks, Squarespace must improve its security measures, including mandatory email validation and comprehensive audit logs. Users should also be vigilant and proactive in securing their domains, using robust security tools and practices.

Conclusion

The recent domain hijacking incident at Squarespace serves as a stark reminder of the importance of domain security. By addressing the vulnerabilities and implementing stronger security measures, both Squarespace and its users can better protect their online assets and identities.

FAQs

How did the hackers exploit the flaw?

Hackers exploited a flaw in the migration process by supplying email IDs linked to domains that were still under registration, allowing them to create accounts without proper validation.

Which companies were most affected?

Crypto-themed entities like Celer Network and Pendle Finance were among the most affected, facing potential financial losses due to the hijacking.

What steps should users take now?

Affected users should enable two-factor authentication, review and remove unnecessary contributor accounts, revert unauthorized changes, and regularly monitor their domain activity.

How can future domain hijackings be prevented?

Future hijackings can be prevented by implementing stricter security measures, such as mandatory email validation, comprehensive audit logs, and robust monitoring tools.

What changes has Squarespace implemented post-attack?

Squarespace has started disallowing the creation of new accounts using only an email address and is likely working on further security enhancements to prevent similar incidents in the future.

Tags: Hackers Hijack Company Accounts, Squarespace Domain Hijacking, Cybersecurity Incident, Crypto-Themed Entities, Domain Security Flaws, Google Domains Acquisition, Phishing Attacks, Domain Migration Vulnerabilities, Email Validation Issues, Cybersecurity Measures, Two-Factor Authentication, Domain Management Security, Squarespace Response, Protecting Online Assets, Cybersecurity Best Practices

Read more : https://www.hostingbyalitech.com/blog

Alitech Blog

Posted in Uncategorized on Jul 19, 2024



Step by Step Guide for Django Installation on CyberPanel, Litespeed & uWSGI - #CyberPanel #LiteSpeed

Posted on Dec 28, 2021

Step by Step Guide for Django Installation on CyberPanel, Litespeed & uWSGI - #CyberPanel #SFARPak This tutorial explains steps by steps how to Install Django in CyberPanel. The CyberPanel works on the LiteSpeed server which has the fastest performance compared to other servers like Apache & NGINX.



Mastering Homework: A Guide to Effective Scheduling

Posted in Uncategorized on Jun 07, 2024

Learn how to schedule homework activities effectively to reduce stress, improve time management, and enhance academic performance



[SOLVED] django.db.utils.OperationalError: (1091, "Can't DROP 'column_name'; check that column/key exists")

Posted on Jan 11, 2022

[SOLVED] django.db.utils.OperationalError: (1091, "Can't DROP 'column_name'; check that column/key exists") PROBLEM / ERROR: django.db.utils.OperationalError: (1091, "Can't DROP 'column_name'; check that column/key exists")



Hosting by AliTech User & Reseller Portal - 2021

Posted in About Hosting by AliTech, News on Oct 17, 2021

Hosting by AliTech User & Reseller Portal coming soon stay tuned. https://bit.ly/3tm3kZ3 https://www.hostingbyalitech.com #hostingbyalitech #alitechsolutions #userportal #resellerportal #coming #soon



[Tutorial] Installing Kubernetes Manually

Posted in Technical Solutions on May 01, 2022

[Tutorial] Installing Kubernetes Manually 1. Letting iptables see bridged traffic



Org Vs .Com: What’s The Difference?

Posted in Uncategorized on Jul 18, 2024

Explore the differences between .org and .com domain extensions and decide which is best for your website. Understand their unique purposes, availability, and implications for your online presence.



Google Search Impact - Congrats on reaching 900 clicks in 28 days!

Posted in News on Mar 05, 2022

Google Search Impact - Congrats 900 clicks 28 days! - Awesome



Experience Unmatched Performance with LiteSpeed: A Comparison

Posted in News on Jun 07, 2024

Discover how LiteSpeed outperforms Nginx and Apache in delivering superior website performance, enhancing user experience for platforms like Magento and WordPress.



Comprehensive Guide to Choosing the Right Domain and Hosting Services for Startups

Posted in Uncategorized on Jul 01, 2024

In today’s digital landscape, choosing the right domain name and hosting services is crucial for startups aiming to establish a strong online presence. This comprehensive guide explores the importance of domain selection, optimal hosting solutions, and popular CMS platforms like WordPress, WooCommerce, Joomla, and more. Whether you're deploying NodeJS, Django, Ruby on Rails, React, or other frameworks, understanding these elements is essential for scalable growth and seamless user experiences.



[SOLVED / FIXED ] ModuleNotFoundError: No module named 'setuptools_rust'

Posted in Technical Solutions on Apr 09, 2022

[SOLVED / FIXED ] ModuleNotFoundError: No module named 'setuptools_rust' Error: While installing docker-compose the following error can come up: ModuleNotFoundError: No module named 'setuptools_rust'



Intel CEO Pat Gelsinger's Dramatic Exit: A Tech Industry Watershed Moment

Posted in News on Dec 03, 2024

Intel CEO Pat Gelsinger abruptly resigned on December 1, 2024, after a challenging three-year tenure. His departure follows the company's dramatic decline, with Intel's stock falling 61% and losing ground to AI-focused competitors like Nvidia. The company has appointed interim co-CEOs while searching for a permanent replacement, marking a critical moment in Intel's struggle to remain competitive in the rapidly evolving semiconductor industry.



Introduction to Multi-Cloud Hosting

Posted in Uncategorized on Jul 29, 2024

Multi-cloud hosting is revolutionizing the way businesses manage their IT infrastructure by leveraging multiple cloud service providers. This strategy offers enhanced reliability, cost efficiency, flexibility, and scalability, making it a popular choice for modern enterprises. While it brings challenges like complexity in management and security concerns, the benefits often outweigh the drawbacks. As technology advances, trends such as AI integration, improved security measures, and the growth of edge computing are set to shape the future of multi-cloud hosting, making it an indispensable approach for businesses aiming for resilience and efficiency in their operations.



Litespeed performance comparison

Posted in News on Sep 08, 2022

Our server supports Lite Speed webserver: With the power of LiteSpeed server your websites will have outclass performance see the difference. The benchmark shows the difference of Magneto performance on LiteSpeed server, Nginx & Apache.



General Motors (GM) Lays Off Over 1,000 Salaried Software, Services Employees

Posted in News on Aug 20, 2024

General Motors (GM) has announced the layoff of over 1,000 salaried employees from its software and services divisions, signaling a major shift in its strategic focus. The cuts, affecting both domestic and international positions, come as GM aims to streamline operations and prioritize high-impact projects such as enhancing its Super Cruise driver assistance system and exploring artificial intelligence. This move follows a review after the departure of former executive Mike Abbott and reflects GM's broader push towards innovation in the rapidly evolving automotive sector.



Hosting by AliTech: Winner of CorporateVision's Global Business Award 2022

Posted in News on Jun 07, 2024

Discover how Hosting by AliTech emerged as the 'Best Affordable Web Hosting Provider 2022 - Pakistan' and won the prestigious Global Business Award. Explore our commitment to providing top-notch web hosting solutions at affordable prices and empowering businesses to establish a strong online presence.



OpenAI Bought the Web Domain Chat.com: Did OpenAI Just Spend More Than $10 Million on a URL?

Posted in News on Nov 07, 2024

OpenAI recently acquired Chat.com, which now redirects to ChatGPT, enhancing its brand visibility and accessibility. Previously owned by Dharmesh Shah, who bought it for $15.5 million, the domain likely sold to OpenAI for an even higher price. This strategic purchase underscores OpenAI’s commitment to making AI tools more accessible and reflects the growing importance of conversational AI in modern technology.



Amazon AWS Google Cloud Microsoft Azure Vultr port 25 killed

Posted on Dec 28, 2021

Amazon AWS, Google Cloud, Microsoft Azure, Vultr port 25 If you are looking for sending e-mails through your Virtual Machine Instances you would be disappointed by reading this blog.



AI-powered Web Hosting and Its Benefits

Posted in Uncategorized on Jul 10, 2024

AI-powered web hosting leverages artificial intelligence technologies to manage, optimize, and enhance traditional web hosting experiences. It offers unparalleled benefits such as enhanced performance and speed, improved security measures, efficient resource management, and intelligent traffic analysis. This type of hosting integrates AI to predict traffic patterns, dynamically allocate resources, and ensure superior website performance. Businesses adopting AI-powered web hosting can expect faster load times, automated threat detection, and scalable solutions that cater to growing needs. As AI technology continues to evolve, the future of web hosting looks promising, offering even more sophisticated and efficient solutions.




Other Blogs


Mastering Homework: A Guide to Effective Scheduling

Posted in Uncategorized on Jun 07, 2024 and updated on Jun 07, 2024

Hosting by AliTech User & Reseller Portal - 2021

Posted in About Hosting by AliTech, News on Oct 17, 2021 and updated on Mar 14, 2022

[Tutorial] Installing Kubernetes Manually

Posted in Technical Solutions on May 01, 2022 and updated on Jun 07, 2024

Org Vs .Com: What’s The Difference?

Posted in Uncategorized on Jul 18, 2024 and updated on Jul 18, 2024

Google Search Impact - Congrats on reaching 900 clicks in 28 days!

Posted in News on Mar 05, 2022 and updated on Mar 18, 2022

Experience Unmatched Performance with LiteSpeed: A Comparison

Posted in News on Jun 07, 2024 and updated on Jun 07, 2024

Intel CEO Pat Gelsinger's Dramatic Exit: A Tech Industry Watershed Moment

Posted in News on Dec 03, 2024 and updated on Dec 03, 2024

Introduction to Multi-Cloud Hosting

Posted in Uncategorized on Jul 29, 2024 and updated on Jul 29, 2024

Litespeed performance comparison

Posted in News on Sep 08, 2022 and updated on Sep 07, 2022

General Motors (GM) Lays Off Over 1,000 Salaried Software, Services Employees

Posted in News on Aug 20, 2024 and updated on Aug 20, 2024

Hosting by AliTech: Winner of CorporateVision's Global Business Award 2022

Posted in News on Jun 07, 2024 and updated on Jun 07, 2024

Amazon AWS Google Cloud Microsoft Azure Vultr port 25 killed

Posted on Dec 28, 2021 and updated on Jun 30, 2022

AI-powered Web Hosting and Its Benefits

Posted in Uncategorized on Jul 10, 2024 and updated on Jul 10, 2024

Litespeed performance comparison

Posted in News on Sep 08, 2022

Litespeed performance comparison

Posted in News on Sep 08, 2022







Comments

Please sign in to comment!






Subscribe To Our Newsletter

Stay in touch with us to get latest news and discount coupons