Hackers Hijack Many New Company Accounts With Domain Names On Squarespace



Introduction

More than one dozen firms with domain names found across Squarespace witnessed their websites get hijacked recently. This incident highlights a critical flaw in domain security that needs immediate attention. Domain security is paramount as it protects the online identity and assets of businesses.

Background

In June of last year, Squarespace acquired assets belonging to Google Domains, encompassing nearly 10 million domain names. The acquisition aimed to streamline services and provide a unified platform for domain management. However, the migration process left several vulnerabilities exposed.

The Hijacking Incident

The domain hijacking incident lasted from July 9th to 12th, primarily targeting crypto-themed entities such as Celer Network and Pendle Finance. During this period, malicious hackers took advantage of the migration process's loopholes, leading to significant security breaches.

How the Hijacking Occurred

Hackers exploited a flaw in the migration process that allowed them to supply email IDs linked to a domain that was still under registration. Without proper email validation, attackers could easily create accounts linked to these domains, bypassing the need for passwords initially set by legitimate users.

Impact on Crypto-Themed Entities

The hijacking primarily affected crypto-themed entities, which are lucrative targets due to the substantial funds involved. Companies like Celer Network and Pendle Finance faced potential financial losses as their domain names were compromised, putting their users at risk.

Redirecting to Phishing Sites

Once the attackers gained control of the domains, they redirected them to phishing sites designed to steal crypto funds from visitors. This method is particularly dangerous as it exploits the trust users place in these platforms, leading to significant financial losses.

Squarespace's Response

In the wake of the incident, Squarespace opted to remain silent initially, offering no comments or statements regarding the attack. However, the company has since taken steps to address the vulnerabilities and prevent future incidents.

Expert Analysis

Cybersecurity experts have analyzed the incident, highlighting the flaws in Squarespace's migration process. The assumption that users would opt for 'Continue with Apple or Google' over 'Continue with email' proved to be a critical oversight.

Metamask's Insight

The head of Metamask explained how Squarespace never anticipated threat actors signing up for accounts linked to newly migrated domains before the legitimate email holders did. This oversight allowed attackers to exploit the system and hijack the domains.

Lack of Domain Activity Insights

One major concern is the absence of activity insights or audit logs for domains managed by Squarespace. Without these logs, it's challenging to detect and respond to unauthorized actions, making domains vulnerable to hijacking without any alerts being sent.

Further Exploitation Risks

The lack of robust security measures means that future exploitation risks remain high. It's crucial for Squarespace and other domain management platforms to implement stricter security protocols to safeguard their users' assets.

Steps for Affected Users

For users affected by the hijacking, immediate actions include enabling two-factor authentication, reviewing and removing unnecessary contributor accounts, and reverting unauthorized changes. Long-term security practices should involve regular monitoring of domain activity and employing strong, unique passwords.

Preventing Future Attacks

To prevent future attacks, Squarespace must improve its security measures, including mandatory email validation and comprehensive audit logs. Users should also be vigilant and proactive in securing their domains, using robust security tools and practices.

Conclusion

The recent domain hijacking incident at Squarespace serves as a stark reminder of the importance of domain security. By addressing the vulnerabilities and implementing stronger security measures, both Squarespace and its users can better protect their online assets and identities.

FAQs

How did the hackers exploit the flaw?

Hackers exploited a flaw in the migration process by supplying email IDs linked to domains that were still under registration, allowing them to create accounts without proper validation.

Which companies were most affected?

Crypto-themed entities like Celer Network and Pendle Finance were among the most affected, facing potential financial losses due to the hijacking.

What steps should users take now?

Affected users should enable two-factor authentication, review and remove unnecessary contributor accounts, revert unauthorized changes, and regularly monitor their domain activity.

How can future domain hijackings be prevented?

Future hijackings can be prevented by implementing stricter security measures, such as mandatory email validation, comprehensive audit logs, and robust monitoring tools.

What changes has Squarespace implemented post-attack?

Squarespace has started disallowing the creation of new accounts using only an email address and is likely working on further security enhancements to prevent similar incidents in the future.

Tags: Hackers Hijack Company Accounts, Squarespace Domain Hijacking, Cybersecurity Incident, Crypto-Themed Entities, Domain Security Flaws, Google Domains Acquisition, Phishing Attacks, Domain Migration Vulnerabilities, Email Validation Issues, Cybersecurity Measures, Two-Factor Authentication, Domain Management Security, Squarespace Response, Protecting Online Assets, Cybersecurity Best Practices

Read more : https://www.hostingbyalitech.com/blog

Alitech Blog

Posted in Uncategorized on Jul 19, 2024



California Governor Vetoes Major AI Safety Bill: What It Means for AI Regulation

Posted in News on Sep 30, 2024

California Governor Gavin Newsom has vetoed SB 1047, a major AI safety bill aimed at regulating advanced AI systems. The bill would have mandated safety measures like testing and a “kill switch” for high-risk AI models. Newsom argued that the legislation could hinder innovation and impose excessive regulations on AI companies. Tech giants such as Google and OpenAI supported the veto, fearing it would slow AI development. The decision has reignited the debate on finding the right balance between innovation and public safety in the rapidly evolving field of artificial intelligence.



How to Install Remote Desktop on Ubuntu 18.04.6 / Ubuntu 20.04.4 / Raspberry Pi / AMD64 / ARM64

Posted in Technical Solutions on Jun 29, 2022

How to Install Remote Desktop on Ubuntu 18.04.6 / Ubuntu 20.04.4 / Raspberry Pi / AMD64 / ARM64



The Impact of Server Location on Website Speed and SEO

Posted in Uncategorized on Jul 24, 2024

Choosing the right server location is crucial for optimizing website speed and improving SEO rankings. This article explores how server location affects load times, the benefits of using CDNs, and best practices for selecting the optimal server location to enhance both global and local website performance. Discover the impact of latency, data transfer rates, and regional targeting on your site's user experience and search engine visibility.



WhatsApp Beta Users Face Green Screen Issue: Here’s How to Solve the Problem

Posted in Technical Solutions on Nov 11, 2024

WhatsApp beta users on Android are currently facing a frustrating green screen issue that makes their devices unresponsive when trying to open a chat. This bug is specifically affecting those on beta version 2.24.24.5, causing the screen to turn solid green and preventing access to messages. Fortunately, there are several solutions to this problem, from force-closing the app to switching back to the stable version. Discover how you can resolve this issue and get your WhatsApp back to normal.



Coursera is offering 9 free courses with Certificate on their 9th Birthday

Posted on Apr 15, 2021

Coursera is offering 9 free courses with Certificate on their 9th Birthday Earn a free certificate in one of 9 specially selected courses! This special offer* is available through April 30.



How LinkedIn Became a Hub for AI-Generated Content

Posted in News on Nov 29, 2024

LinkedIn has always been a platform for professionals to network, find job opportunities, and share career-related content. However, over the past few years, it has evolved into something more, a place where thought leaders, influencers, and even job seekers have turned to AI-powered tools to help generate content. This shift has been a major factor in the rise of AI-generated posts, with over half of LinkedIn’s long-form posts being created by AI as of October 2024.



OpenAI's Updated ChatGPT App for Mac: Revolutionizing Multitasking

Posted in Uncategorized on Aug 08, 2024

The recent update to OpenAI’s ChatGPT app for macOS introduces a transformative feature designed to enhance multitasking efficiency. This blog delves into the details of this update, exploring how it can streamline your workflow and improve overall productivity.



Ransomware attack forces web hosting provider Managed.com

Posted in News on Jan 25, 2021

Ransomware attack forces web hosting provider Managed.com to take servers offline.



ValueError at / dictionary update sequence element #0 has length 1; 2 is required

Posted in Technical Solutions on Dec 20, 2021

ERROR: ValueError at / dictionary update sequence element #0 has length 1; 2 is required SOLUTION: This has a simple solution.



[SOLVED / FIXED] DataError: (1406, "Data too long for column 'name' at row 1")

Posted in Technical Solutions on Sep 14, 2022

DataError: (1406, "Data too long for column 'name' at row 1") Error: DataError: (1406, "Data too long for column 'name' at row 1") Problem Statement: When creating a Slug in Django Model with Slugify this error populates. Solution:



Install Django on CyberPanel and Openlitespeed with WSGI

Posted in Technical Solutions on Feb 02, 2021

Install Django on CyberPanel and Openlitespeed with WSGI These links were of help but I had to struggle alot to reach to success which changes have been included in these guides:



ACME now uses ZeroSSL, here is what you need to do for your CyberPanel

Posted in Technical Solutions on Jun 07, 2024

Learn how to set up ZeroSSL for your CyberPanel as ACME now requires email registration. Follow this step-by-step guide to ensure smooth SSL configuration.



How to Install Python 3.10 on Ubuntu 20.04 LTS & Ubuntu 18.04

Posted in Technical Solutions on Jan 02, 2022

How to Install Python 3.10 on Ubuntu 20.04 LTS & Ubuntu 18.04 Python is a programming language that lets you work more quickly and integrate...



Google Search Impact - Congrats on reaching 900 clicks in 28 days!

Posted in News on Mar 05, 2022

Google Search Impact - Congrats 900 clicks 28 days! - Awesome



The Ultimate Guide to Different Types of Web Hosting

Posted in Uncategorized on Jun 24, 2024

Choosing the right web hosting service can be overwhelming, but understanding the differences between shared hosting, VPS hosting, Wordpress hosting, reseller hosting, and cloud hosting can help. Learn about the pros and cons of each option and make an informed decision for your website's needs.



Understanding and Preventing 'Sitting Ducks' Attacks

Posted in Uncategorized on Aug 02, 2024

In recent cybersecurity news, the emergence of the "Sitting Ducks" attack has posed a significant threat to domain name owners, exposing vulnerabilities in the Domain Name System (DNS) that can lead to severe security breaches. This comprehensive guide will delve into the intricacies of these attacks, their impact, and effective strategies for prevention.



Webcam Hacking and Stalking: Myth or Reality?

Posted in News on Dec 25, 2024

Webcam hacking is a growing concern in the digital world, with hackers exploiting vulnerabilities in webcams to gain unauthorized access to private spaces. But how real is this threat, and should you be worried? From phishing emails to malware and Trojan horse programs, hackers are using various techniques to breach webcams and invade individuals' privacy. With real-life cases of webcam hacking and stalking on the rise, it's essential to understand the risks and take precautions to protect your privacy and security.



ChatGPT Project Strawberry: What We Know About OpenAI’s Reasoning AI

Posted in News on Sep 12, 2024

As the world of AI continues to evolve, OpenAI remains at the forefront with exciting new developments. One of the most anticipated projects on the horizon is Project Strawberry—a groundbreaking AI model focused on enhanced reasoning capabilities. Set to launch soon, Project Strawberry aims to push the boundaries of what AI can achieve, particularly in handling complex tasks and multi-step problem solving. While we are still piecing together the full details, here’s everything we know so far about OpenAI’s latest innovation.




Other Blogs


California Governor Vetoes Major AI Safety Bill: What It Means for AI Regulation

Posted in News on Sep 30, 2024 and updated on Sep 30, 2024

The Impact of Server Location on Website Speed and SEO

Posted in Uncategorized on Jul 24, 2024 and updated on Jul 24, 2024

Coursera is offering 9 free courses with Certificate on their 9th Birthday

Posted on Apr 15, 2021 and updated on Apr 15, 2021

How LinkedIn Became a Hub for AI-Generated Content

Posted in News on Nov 29, 2024 and updated on Nov 29, 2024

OpenAI's Updated ChatGPT App for Mac: Revolutionizing Multitasking

Posted in Uncategorized on Aug 08, 2024 and updated on Aug 08, 2024

Ransomware attack forces web hosting provider Managed.com

Posted in News on Jan 25, 2021 and updated on Mar 30, 2022

Install Django on CyberPanel and Openlitespeed with WSGI

Posted in Technical Solutions on Feb 02, 2021 and updated on Aug 26, 2022

How to Install Python 3.10 on Ubuntu 20.04 LTS & Ubuntu 18.04

Posted in Technical Solutions on Jan 02, 2022 and updated on Jan 02, 2022

Google Search Impact - Congrats on reaching 900 clicks in 28 days!

Posted in News on Mar 05, 2022 and updated on Mar 18, 2022

The Ultimate Guide to Different Types of Web Hosting

Posted in Uncategorized on Jun 24, 2024 and updated on Jun 24, 2024

Understanding and Preventing 'Sitting Ducks' Attacks

Posted in Uncategorized on Aug 02, 2024 and updated on Aug 02, 2024

Webcam Hacking and Stalking: Myth or Reality?

Posted in News on Dec 25, 2024 and updated on Dec 25, 2024

ChatGPT Project Strawberry: What We Know About OpenAI’s Reasoning AI

Posted in News on Sep 12, 2024 and updated on Sep 12, 2024







Comments

Please sign in to comment!






Subscribe To Our Newsletter

Stay in touch with us to get latest news and discount coupons