Hackers Hijack Many New Company Accounts With Domain Names On Squarespace



Introduction

More than one dozen firms with domain names found across Squarespace witnessed their websites get hijacked recently. This incident highlights a critical flaw in domain security that needs immediate attention. Domain security is paramount as it protects the online identity and assets of businesses.

Background

In June of last year, Squarespace acquired assets belonging to Google Domains, encompassing nearly 10 million domain names. The acquisition aimed to streamline services and provide a unified platform for domain management. However, the migration process left several vulnerabilities exposed.

The Hijacking Incident

The domain hijacking incident lasted from July 9th to 12th, primarily targeting crypto-themed entities such as Celer Network and Pendle Finance. During this period, malicious hackers took advantage of the migration process's loopholes, leading to significant security breaches.

How the Hijacking Occurred

Hackers exploited a flaw in the migration process that allowed them to supply email IDs linked to a domain that was still under registration. Without proper email validation, attackers could easily create accounts linked to these domains, bypassing the need for passwords initially set by legitimate users.

Impact on Crypto-Themed Entities

The hijacking primarily affected crypto-themed entities, which are lucrative targets due to the substantial funds involved. Companies like Celer Network and Pendle Finance faced potential financial losses as their domain names were compromised, putting their users at risk.

Redirecting to Phishing Sites

Once the attackers gained control of the domains, they redirected them to phishing sites designed to steal crypto funds from visitors. This method is particularly dangerous as it exploits the trust users place in these platforms, leading to significant financial losses.

Squarespace's Response

In the wake of the incident, Squarespace opted to remain silent initially, offering no comments or statements regarding the attack. However, the company has since taken steps to address the vulnerabilities and prevent future incidents.

Expert Analysis

Cybersecurity experts have analyzed the incident, highlighting the flaws in Squarespace's migration process. The assumption that users would opt for 'Continue with Apple or Google' over 'Continue with email' proved to be a critical oversight.

Metamask's Insight

The head of Metamask explained how Squarespace never anticipated threat actors signing up for accounts linked to newly migrated domains before the legitimate email holders did. This oversight allowed attackers to exploit the system and hijack the domains.

Lack of Domain Activity Insights

One major concern is the absence of activity insights or audit logs for domains managed by Squarespace. Without these logs, it's challenging to detect and respond to unauthorized actions, making domains vulnerable to hijacking without any alerts being sent.

Further Exploitation Risks

The lack of robust security measures means that future exploitation risks remain high. It's crucial for Squarespace and other domain management platforms to implement stricter security protocols to safeguard their users' assets.

Steps for Affected Users

For users affected by the hijacking, immediate actions include enabling two-factor authentication, reviewing and removing unnecessary contributor accounts, and reverting unauthorized changes. Long-term security practices should involve regular monitoring of domain activity and employing strong, unique passwords.

Preventing Future Attacks

To prevent future attacks, Squarespace must improve its security measures, including mandatory email validation and comprehensive audit logs. Users should also be vigilant and proactive in securing their domains, using robust security tools and practices.

Conclusion

The recent domain hijacking incident at Squarespace serves as a stark reminder of the importance of domain security. By addressing the vulnerabilities and implementing stronger security measures, both Squarespace and its users can better protect their online assets and identities.

FAQs

How did the hackers exploit the flaw?

Hackers exploited a flaw in the migration process by supplying email IDs linked to domains that were still under registration, allowing them to create accounts without proper validation.

Which companies were most affected?

Crypto-themed entities like Celer Network and Pendle Finance were among the most affected, facing potential financial losses due to the hijacking.

What steps should users take now?

Affected users should enable two-factor authentication, review and remove unnecessary contributor accounts, revert unauthorized changes, and regularly monitor their domain activity.

How can future domain hijackings be prevented?

Future hijackings can be prevented by implementing stricter security measures, such as mandatory email validation, comprehensive audit logs, and robust monitoring tools.

What changes has Squarespace implemented post-attack?

Squarespace has started disallowing the creation of new accounts using only an email address and is likely working on further security enhancements to prevent similar incidents in the future.

Tags: Hackers Hijack Company Accounts, Squarespace Domain Hijacking, Cybersecurity Incident, Crypto-Themed Entities, Domain Security Flaws, Google Domains Acquisition, Phishing Attacks, Domain Migration Vulnerabilities, Email Validation Issues, Cybersecurity Measures, Two-Factor Authentication, Domain Management Security, Squarespace Response, Protecting Online Assets, Cybersecurity Best Practices

Read more : https://www.hostingbyalitech.com/blog

Alitech Blog

Posted in Uncategorized on Jul 19, 2024



AliTech is now verified by Apple ®

Posted in About Hosting by AliTech, News on Sep 20, 2020

Now Alitech is verified with Apple. Support team is available via iMessage 24/7.



How to Protect Your Website from Malware and Viruses

Posted in News on Oct 07, 2024

In today's digital world, protecting your website from malware and viruses is crucial to maintaining its performance, security, and user trust. This guide covers essential strategies such as using strong passwords, enabling two-factor authentication, installing web application firewalls (WAF), and securing your site with SSL certificates. Regular updates, backups, and security audits are also key to preventing cyberattacks. Whether you're running a small blog or a large e-commerce site, these best practices will help you safeguard your website and keep it secure from malicious threats.



4 tips to enable Nested Virtualization like a PRO

Posted in Technical Solutions on Oct 17, 2021

Nested virtualization is used to enable, use or create virtual machines within virtual machines, consider Virtualbox is running CentOS virtual machine



Does your hosting provider has this performance?

Posted in News on Sep 12, 2020

Does your hosting provider has this performance? If no... you need to move now 🙂 https://hosting.alitech.uk



Org Vs .Com: What’s The Difference?

Posted in Uncategorized on Jul 18, 2024

Explore the differences between .org and .com domain extensions and decide which is best for your website. Understand their unique purposes, availability, and implications for your online presence.



World of Quantum Computing and Its Effects on Web Hosting and Domain Names

Posted in Uncategorized on Jul 11, 2024

Quantum computing is no longer a concept confined to the realm of theoretical physics; it has entered the mainstream, promising to revolutionize various industries. Among these, web hosting and domain name management stand to benefit significantly from the advancements in quantum computing. Quantum computers can process large datasets more efficiently, enabling faster data retrieval and processing. This can significantly reduce the time it takes to load websites, improving the overall user experience. Moreover, quantum encryption techniques offer enhanced protection, ensuring that sensitive data transmitted over the internet remains secure from cyber threats. As quantum computing continues to evolve, it is set to transform web hosting and domain management, making them more efficient, secure, and reliable.



WordPress Hosting & Management

Posted on Nov 04, 2024

Choosing the right WordPress hosting service is one of the most critical decisions you’ll make when building a website. The hosting provider you select can impact your site’s speed, security, and reliability. With so many options available, understanding the different types of WordPress hosting can help you make an informed choice. This guide will delve into the various aspects of WordPress hosting and management, providing insights that can empower you to create a successful online presence.



Coursera is offering 9 free courses with Certificate on their 9th Birthday

Posted on Apr 15, 2021

Coursera is offering 9 free courses with Certificate on their 9th Birthday Earn a free certificate in one of 9 specially selected courses! This special offer* is available through April 30.



The Ultimate Guide to Different Types of Web Hosting

Posted in Uncategorized on Jun 24, 2024

Choosing the right web hosting service can be overwhelming, but understanding the differences between shared hosting, VPS hosting, Wordpress hosting, reseller hosting, and cloud hosting can help. Learn about the pros and cons of each option and make an informed decision for your website's needs.



[SOLVED / FIXED] Kubesphere request to http //ks-apiserver/oauth/token failed

Posted in Technical Solutions on Jul 17, 2022

[SOLVED / FIXED] Kubesphere request to http //ks-apiserver/oauth/token failed



[SOLVED/FIXED] Python Django - crbug non-JS module files deprecated.

Posted in Technical Solutions on Feb 28, 2022

[SOLVED/FIXED] Python Django - crbug/1173575, non-JS module files deprecated. ERROR: ERR_TOO_MANY_REDIRECTS SOLUTION:



Apple Is Developing a Doorbell That Unlocks With Your Face, Report Says

Posted in News on Dec 24, 2024

Apple is reportedly developing a revolutionary smart doorbell with Face ID, allowing it to unlock your door by recognizing your face. This innovative device is expected to integrate seamlessly with Apple's growing smart home ecosystem, including upcoming security cameras and a new smart home hub. With a potential release date in late 2025, Apple aims to challenge Amazon and Google in the smart home market by prioritizing privacy and user experience.



Brazil Lifts Ban on X After Elon Musk Pays $5M Fine

Posted in News on Oct 09, 2024

In a major development in Brazil’s tech and social media landscape, the country’s Supreme Court recently lifted a ban on X, the platform formerly known as Twitter. This decision came after a long standoff between the platform, owned by billionaire entrepreneur Elon Musk, and the Brazilian government over issues of disinformation and legal compliance. Musk’s company, X, paid a hefty $5 million fine and complied with court orders, which has led to the platform’s reinstatement in the country. This article delves into the reasons behind the ban, Musk’s response, and how the situation has unfolded, ultimately leading to X’s return to one of its most significant markets.



WordPress Cofounder Asks Court to Dismiss WP Engine’s Lawsuit

Posted in News on Nov 01, 2024

WordPress cofounder Matt Mullenweg, along with Automattic, has moved to dismiss a lawsuit filed by WP Engine that alleges defamation, extortion, and trademark infringement. WP Engine’s claims arise from Mullenweg’s criticism of the company’s contributions to WordPress and his decision to restrict its access to WordPress.org resources. Mullenweg counters that WP Engine has no legal right to these resources, describing the company’s reliance on WordPress.org as a “risky decision” made without a backup plan. This high-stakes case has stirred concerns within the WordPress community about the implications for other developers and businesses relying on the platform’s open-source ecosystem.



Mastering Multi-Server Management and Enhanced Web Security

Posted in Uncategorized on Jul 08, 2024

Managing multiple servers and ensuring robust web security are crucial in today’s digital landscape. This comprehensive guide explores the benefits and processes of multi-server management, including the use of CloudFlare for enhanced performance, CodeGuard for automated backups, and SiteLock for comprehensive security. Learn how to add various hosting services to your account, implement advanced security features, and protect your domain and data effectively. Enhance your website's reliability, scalability, and performance with these essential strategies.



Meta Connect 2024: A Deep Dive into Meta's New AI Features and Llama 3.2

Posted in News on Sep 27, 2024

Meta Connect 2024 unveiled a suite of groundbreaking AI features that are set to reshape user experiences across Meta's apps. At the heart of these innovations is Llama 3.2, Meta’s latest large language model with multimodal capabilities, allowing it to process both text and images. This model powers everything from intuitive image editing to real-time voice interactions and seamless translation. Additionally, Meta's AI Studio lets users create lifelike chatbots, while the introduction of AI-powered voice assistants and real-time dubbing highlights Meta's commitment to pushing the boundaries of artificial intelligence



[SOLVED / FIXED] node is not recognised as internal command

Posted in Technical Solutions on Jul 13, 2022

[SOLVED / FIXED] node is not recognised as internal command



TikTok is one of Microsoft’s Biggest AI Cloud Computing Customers

Posted in Uncategorized on Aug 01, 2024

In this article, we delve into the significant partnership between TikTok and Microsoft, highlighting how TikTok's substantial investment in Microsoft's AI cloud services has influenced both companies. Discover the financial details, technological advancements, and future implications of this collaboration, as well as the potential risks and benefits for both TikTok and Microsoft in the rapidly evolving AI landscape.




Other Blogs


AliTech is now verified by Apple ®

Posted in About Hosting by AliTech, News on Sep 20, 2020 and updated on Mar 30, 2022

How to Protect Your Website from Malware and Viruses

Posted in News on Oct 07, 2024 and updated on Oct 07, 2024

4 tips to enable Nested Virtualization like a PRO

Posted in Technical Solutions on Oct 17, 2021 and updated on Oct 17, 2021

Does your hosting provider has this performance?

Posted in News on Sep 12, 2020 and updated on Oct 23, 2020

Org Vs .Com: What’s The Difference?

Posted in Uncategorized on Jul 18, 2024 and updated on Jul 18, 2024

WordPress Hosting & Management

Posted on Nov 04, 2024 and updated on Nov 04, 2024

Coursera is offering 9 free courses with Certificate on their 9th Birthday

Posted on Apr 15, 2021 and updated on Apr 15, 2021

The Ultimate Guide to Different Types of Web Hosting

Posted in Uncategorized on Jun 24, 2024 and updated on Jun 24, 2024

Apple Is Developing a Doorbell That Unlocks With Your Face, Report Says

Posted in News on Dec 24, 2024 and updated on Dec 24, 2024

Brazil Lifts Ban on X After Elon Musk Pays $5M Fine

Posted in News on Oct 09, 2024 and updated on Oct 09, 2024

WordPress Cofounder Asks Court to Dismiss WP Engine’s Lawsuit

Posted in News on Nov 01, 2024 and updated on Nov 01, 2024

Mastering Multi-Server Management and Enhanced Web Security

Posted in Uncategorized on Jul 08, 2024 and updated on Jul 08, 2024

Meta Connect 2024: A Deep Dive into Meta's New AI Features and Llama 3.2

Posted in News on Sep 27, 2024 and updated on Sep 27, 2024

[SOLVED / FIXED] node is not recognised as internal command

Posted in Technical Solutions on Jul 13, 2022 and updated on Jul 13, 2022

TikTok is one of Microsoft’s Biggest AI Cloud Computing Customers

Posted in Uncategorized on Aug 01, 2024 and updated on Aug 01, 2024

WordPress Hosting & Management

Posted on Nov 04, 2024

WordPress Hosting & Management

Posted on Nov 04, 2024







Comments

Please sign in to comment!






Subscribe To Our Newsletter

Stay in touch with us to get latest news and discount coupons