Hackers Hijack Many New Company Accounts With Domain Names On Squarespace



Introduction

More than one dozen firms with domain names found across Squarespace witnessed their websites get hijacked recently. This incident highlights a critical flaw in domain security that needs immediate attention. Domain security is paramount as it protects the online identity and assets of businesses.

Background

In June of last year, Squarespace acquired assets belonging to Google Domains, encompassing nearly 10 million domain names. The acquisition aimed to streamline services and provide a unified platform for domain management. However, the migration process left several vulnerabilities exposed.

The Hijacking Incident

The domain hijacking incident lasted from July 9th to 12th, primarily targeting crypto-themed entities such as Celer Network and Pendle Finance. During this period, malicious hackers took advantage of the migration process's loopholes, leading to significant security breaches.

How the Hijacking Occurred

Hackers exploited a flaw in the migration process that allowed them to supply email IDs linked to a domain that was still under registration. Without proper email validation, attackers could easily create accounts linked to these domains, bypassing the need for passwords initially set by legitimate users.

Impact on Crypto-Themed Entities

The hijacking primarily affected crypto-themed entities, which are lucrative targets due to the substantial funds involved. Companies like Celer Network and Pendle Finance faced potential financial losses as their domain names were compromised, putting their users at risk.

Redirecting to Phishing Sites

Once the attackers gained control of the domains, they redirected them to phishing sites designed to steal crypto funds from visitors. This method is particularly dangerous as it exploits the trust users place in these platforms, leading to significant financial losses.

Squarespace's Response

In the wake of the incident, Squarespace opted to remain silent initially, offering no comments or statements regarding the attack. However, the company has since taken steps to address the vulnerabilities and prevent future incidents.

Expert Analysis

Cybersecurity experts have analyzed the incident, highlighting the flaws in Squarespace's migration process. The assumption that users would opt for 'Continue with Apple or Google' over 'Continue with email' proved to be a critical oversight.

Metamask's Insight

The head of Metamask explained how Squarespace never anticipated threat actors signing up for accounts linked to newly migrated domains before the legitimate email holders did. This oversight allowed attackers to exploit the system and hijack the domains.

Lack of Domain Activity Insights

One major concern is the absence of activity insights or audit logs for domains managed by Squarespace. Without these logs, it's challenging to detect and respond to unauthorized actions, making domains vulnerable to hijacking without any alerts being sent.

Further Exploitation Risks

The lack of robust security measures means that future exploitation risks remain high. It's crucial for Squarespace and other domain management platforms to implement stricter security protocols to safeguard their users' assets.

Steps for Affected Users

For users affected by the hijacking, immediate actions include enabling two-factor authentication, reviewing and removing unnecessary contributor accounts, and reverting unauthorized changes. Long-term security practices should involve regular monitoring of domain activity and employing strong, unique passwords.

Preventing Future Attacks

To prevent future attacks, Squarespace must improve its security measures, including mandatory email validation and comprehensive audit logs. Users should also be vigilant and proactive in securing their domains, using robust security tools and practices.

Conclusion

The recent domain hijacking incident at Squarespace serves as a stark reminder of the importance of domain security. By addressing the vulnerabilities and implementing stronger security measures, both Squarespace and its users can better protect their online assets and identities.

FAQs

How did the hackers exploit the flaw?

Hackers exploited a flaw in the migration process by supplying email IDs linked to domains that were still under registration, allowing them to create accounts without proper validation.

Which companies were most affected?

Crypto-themed entities like Celer Network and Pendle Finance were among the most affected, facing potential financial losses due to the hijacking.

What steps should users take now?

Affected users should enable two-factor authentication, review and remove unnecessary contributor accounts, revert unauthorized changes, and regularly monitor their domain activity.

How can future domain hijackings be prevented?

Future hijackings can be prevented by implementing stricter security measures, such as mandatory email validation, comprehensive audit logs, and robust monitoring tools.

What changes has Squarespace implemented post-attack?

Squarespace has started disallowing the creation of new accounts using only an email address and is likely working on further security enhancements to prevent similar incidents in the future.

Tags: Hackers Hijack Company Accounts, Squarespace Domain Hijacking, Cybersecurity Incident, Crypto-Themed Entities, Domain Security Flaws, Google Domains Acquisition, Phishing Attacks, Domain Migration Vulnerabilities, Email Validation Issues, Cybersecurity Measures, Two-Factor Authentication, Domain Management Security, Squarespace Response, Protecting Online Assets, Cybersecurity Best Practices

Read more : https://www.hostingbyalitech.com/blog

Alitech Blog

Posted in Uncategorized on Jul 19, 2024



WordPress Hosting & Management

Posted on Nov 04, 2024

Choosing the right WordPress hosting service is one of the most critical decisions you’ll make when building a website. The hosting provider you select can impact your site’s speed, security, and reliability. With so many options available, understanding the different types of WordPress hosting can help you make an informed choice. This guide will delve into the various aspects of WordPress hosting and management, providing insights that can empower you to create a successful online presence.



[SOLVED] MySQL / MariaDB Specified key was too long; max key length is 767 bytes

Posted in Technical Solutions on Jan 07, 2022

[SOLVED] MySQL / MariaDB Specified key was too long; max key length is 767 bytes Error : mariadb specified key was too long. Specified key was too long; max key length is 767 bytes.



Low Cost Web Hosting with Advance Features

Posted in Hosting Promotions on Jan 28, 2021

HostingbyAliTech is providing you an amazing advance features at a low cost. The features, which are much expensively available in the web hosting industry.



[SOLVED / FIXED] Python Django - TypeError: can't multiply sequence by non-int of type 'float'

Posted in Technical Solutions on Apr 02, 2022

[SOLVED / FIXED] Python Django - TypeError: can't multiply sequence by non-int of type 'float' Error: Language : Python Django TypeError: can't multiply sequence by non-int of type 'float'<strong>SOLUTION / FIX



CES 2025: Everything You Need to Know About the Biggest Tech Show

Posted in News on Jan 03, 2025

CES 2025 is set to unveil groundbreaking innovations in technology, from AI advancements to the latest in electric vehicles and smart home devices. Industry leaders like Nvidia and AMD are expected to showcase their newest GPU technologies, while startups present revolutionary solutions for the future. This year, sustainability and AI-powered gadgets take center stage, offering a glimpse into the future of tech. Whether it's the next-gen display technologies, autonomous systems, or wellness trackers, CES 2025 promises to be a hub of excitement and new ideas that could redefine how we live and interact with technology.



Gmail Users at Risk from AI-Powered Cyberattacks

Posted in News on Oct 14, 2024

In a rapidly evolving digital landscape, Gmail users are facing a new and alarming threat: AI-powered cyberattacks. These sophisticated scams leverage advanced technology to create realistic impersonations of Google support calls, tricking unsuspecting individuals into revealing personal information. This blog delves into the details of these AI-driven scams, sharing real-life accounts of victims and expert insights on how these tactics work. Through engaging narratives and practical advice, the blog aims to raise awareness about the importance of cybersecurity in the age of AI. Readers will learn how to identify suspicious communications, the significance of enabling robust security features, and essential steps to protect their accounts from phishing attempts. As cybercriminals continue to refine their techniques, staying informed and vigilant is more crucial than ever.



Hackers Hijacked Chrome Extensions to Inject Malicious Code

Posted in News on Dec 30, 2024

Hackers have hijacked at least 16 popular Chrome extensions, exposing over 600,000 users to potential data theft. The attack targeted known extensions through a phishing campaign, allowing attackers to inject malicious code that stole sensitive information such as cookies and session tokens. Cybersecurity experts have identified a wide range of affected extensions, including those related to AI tools, VPNs, and productivity. This breach highlights the vulnerability of browser extensions and the need for better security practices.



California Governor Vetoes Major AI Safety Bill: What It Means for AI Regulation

Posted in News on Sep 30, 2024

California Governor Gavin Newsom has vetoed SB 1047, a major AI safety bill aimed at regulating advanced AI systems. The bill would have mandated safety measures like testing and a “kill switch” for high-risk AI models. Newsom argued that the legislation could hinder innovation and impose excessive regulations on AI companies. Tech giants such as Google and OpenAI supported the veto, fearing it would slow AI development. The decision has reignited the debate on finding the right balance between innovation and public safety in the rapidly evolving field of artificial intelligence.



Apple lands most profitable quarter of 2021

Posted in News on Jan 30, 2021

Revenue up 21 percent and EPS up 35 percent to new all-time records. Apple reported its largest-ever quarter when measured by revenue with $111.4 billion in Q4 revenue. This is impressive! Apple Inc cornered nearly a quarter of the global smartphone market in the fourth quarter, making it the world’s biggest seller. I still remember the discussions of not too long ago when many pundits questioned Apple’s iPhone strategy and future potential. Well... I guess here’s the answer!



Amazon AWS Google Cloud Microsoft Azure Vultr port 25 killed

Posted on Dec 28, 2021

Amazon AWS, Google Cloud, Microsoft Azure, Vultr port 25 If you are looking for sending e-mails through your Virtual Machine Instances you would be disappointed by reading this blog.



Top Best Web Hosting Services of 2024

Posted in About Hosting by AliTech, News on Sep 02, 2024

Find the best web hosting service for your website in 2024! Compare top hosting providers like HostGator, Bluehost, and DreamHost, and discover the benefits of cloud-powered hosting with Hosting by AliTech. Limited time offer: Get up to 33.3% off your hosting plan with Hosting by AliTech!



Oprah’s Upcoming AI Television Special Sparks Outrage Among Tech Critics

Posted in News on Sep 04, 2024

Oprah Winfrey's upcoming AI television special, "AI and the Future of Us," airing on September 12, 2024, has sparked significant controversy. While the show aims to educate viewers about the impact of artificial intelligence, featuring interviews with tech leaders like Sam Altman and Bill Gates, critics argue that it may serve more as a promotional platform for the AI industry than as an unbiased exploration. Concerns have been raised about the potential for bias, with some fearing the show might downplay the ethical, social, and environmental challenges posed by AI.



[SOLVED / FIXED] django.core.exceptions.ImproperlyConfigured: Requested setting AUTH_USER_MODEL

Posted on Mar 27, 2022

[SOLVED / FIXED] django.core.exceptions.ImproperlyConfigured: Requested setting AUTH_USER_MODEL ERROR / PROBLEM: Starting the Python Shell in the terminal inside virtual environment.



Mastering WooCommerce SEO: A Complete Guide to Optimize Your Online Store

Posted on Dec 05, 2024

Discover the ultimate guide to WooCommerce SEO and learn how to optimize your online store for better visibility, increased traffic, and higher sales with proven strategies and tools



WhatsApp's Upcoming Features: A Comprehensive Look at the Future of Messaging

Posted in News on Aug 30, 2024

WhatsApp is rolling out exciting new features, including advanced contact syncing options, multi-account support, and enhanced privacy tools like passkey encryption. These updates will allow users to manage contacts separately for each account, manually sync specific contacts, and create custom chat lists. Additionally, WhatsApp is working on voice message transcription and in-app translation, making communication more seamless and secure. These features, currently in beta, aim to improve user experience and provide greater control over personal and professional interactions



Understanding Next-Gen SDD Web Hosting and Its Benefits

Posted in Uncategorized on Jun 26, 2024

Discover the future of web hosting with Next-Gen SDD Web Hosting, featuring cutting-edge technology for enhanced speed and security. Learn how cPanel streamlines website management, and GMail Accounts enhance business communication. Additionally, explore the benefits of unlimited hosting plans, SFTP and SSL certificates for data security, Google G Suite for productivity, and web and app development for business growth. Finally, understand how SEO and SEM strategies optimize visibility, and digital marketing harnesses online potential.



Install Django on CyberPanel and Openlitespeed with WSGI

Posted in Technical Solutions on Feb 02, 2021

Install Django on CyberPanel and Openlitespeed with WSGI These links were of help but I had to struggle alot to reach to success which changes have been included in these guides:



Unlocking the Power of Cloud Web Hosting: A Comprehensive Guide

Posted in Uncategorized on Jun 24, 2024

Discover the benefits of cloud web hosting and how it can transform your online presence. Learn about the features, advantages, and top providers of cloud hosting, and find out how to get started with building your own website for free




Other Blogs


WordPress Hosting & Management

Posted on Nov 04, 2024 and updated on Nov 04, 2024

Low Cost Web Hosting with Advance Features

Posted in Hosting Promotions on Jan 28, 2021 and updated on Mar 30, 2022

CES 2025: Everything You Need to Know About the Biggest Tech Show

Posted in News on Jan 03, 2025 and updated on Jan 03, 2025

Gmail Users at Risk from AI-Powered Cyberattacks

Posted in News on Oct 14, 2024 and updated on Oct 14, 2024

Hackers Hijacked Chrome Extensions to Inject Malicious Code

Posted in News on Dec 30, 2024 and updated on Dec 30, 2024

California Governor Vetoes Major AI Safety Bill: What It Means for AI Regulation

Posted in News on Sep 30, 2024 and updated on Sep 30, 2024

Apple lands most profitable quarter of 2021

Posted in News on Jan 30, 2021 and updated on Aug 26, 2022

Amazon AWS Google Cloud Microsoft Azure Vultr port 25 killed

Posted on Dec 28, 2021 and updated on Jun 30, 2022

Top Best Web Hosting Services of 2024

Posted in About Hosting by AliTech, News on Sep 02, 2024 and updated on Sep 02, 2024

Oprah’s Upcoming AI Television Special Sparks Outrage Among Tech Critics

Posted in News on Sep 04, 2024 and updated on Sep 04, 2024

Mastering WooCommerce SEO: A Complete Guide to Optimize Your Online Store

Posted on Dec 05, 2024 and updated on Dec 05, 2024

WhatsApp's Upcoming Features: A Comprehensive Look at the Future of Messaging

Posted in News on Aug 30, 2024 and updated on Aug 30, 2024

Understanding Next-Gen SDD Web Hosting and Its Benefits

Posted in Uncategorized on Jun 26, 2024 and updated on Jun 26, 2024

Install Django on CyberPanel and Openlitespeed with WSGI

Posted in Technical Solutions on Feb 02, 2021 and updated on Aug 26, 2022

Unlocking the Power of Cloud Web Hosting: A Comprehensive Guide

Posted in Uncategorized on Jun 24, 2024 and updated on Jun 24, 2024

WordPress Hosting & Management

Posted on Nov 04, 2024

WordPress Hosting & Management

Posted on Nov 04, 2024







Comments

Please sign in to comment!






Subscribe To Our Newsletter

Stay in touch with us to get latest news and discount coupons