Hackers Hijack Many New Company Accounts With Domain Names On Squarespace



Introduction

More than one dozen firms with domain names found across Squarespace witnessed their websites get hijacked recently. This incident highlights a critical flaw in domain security that needs immediate attention. Domain security is paramount as it protects the online identity and assets of businesses.

Background

In June of last year, Squarespace acquired assets belonging to Google Domains, encompassing nearly 10 million domain names. The acquisition aimed to streamline services and provide a unified platform for domain management. However, the migration process left several vulnerabilities exposed.

The Hijacking Incident

The domain hijacking incident lasted from July 9th to 12th, primarily targeting crypto-themed entities such as Celer Network and Pendle Finance. During this period, malicious hackers took advantage of the migration process's loopholes, leading to significant security breaches.

How the Hijacking Occurred

Hackers exploited a flaw in the migration process that allowed them to supply email IDs linked to a domain that was still under registration. Without proper email validation, attackers could easily create accounts linked to these domains, bypassing the need for passwords initially set by legitimate users.

Impact on Crypto-Themed Entities

The hijacking primarily affected crypto-themed entities, which are lucrative targets due to the substantial funds involved. Companies like Celer Network and Pendle Finance faced potential financial losses as their domain names were compromised, putting their users at risk.

Redirecting to Phishing Sites

Once the attackers gained control of the domains, they redirected them to phishing sites designed to steal crypto funds from visitors. This method is particularly dangerous as it exploits the trust users place in these platforms, leading to significant financial losses.

Squarespace's Response

In the wake of the incident, Squarespace opted to remain silent initially, offering no comments or statements regarding the attack. However, the company has since taken steps to address the vulnerabilities and prevent future incidents.

Expert Analysis

Cybersecurity experts have analyzed the incident, highlighting the flaws in Squarespace's migration process. The assumption that users would opt for 'Continue with Apple or Google' over 'Continue with email' proved to be a critical oversight.

Metamask's Insight

The head of Metamask explained how Squarespace never anticipated threat actors signing up for accounts linked to newly migrated domains before the legitimate email holders did. This oversight allowed attackers to exploit the system and hijack the domains.

Lack of Domain Activity Insights

One major concern is the absence of activity insights or audit logs for domains managed by Squarespace. Without these logs, it's challenging to detect and respond to unauthorized actions, making domains vulnerable to hijacking without any alerts being sent.

Further Exploitation Risks

The lack of robust security measures means that future exploitation risks remain high. It's crucial for Squarespace and other domain management platforms to implement stricter security protocols to safeguard their users' assets.

Steps for Affected Users

For users affected by the hijacking, immediate actions include enabling two-factor authentication, reviewing and removing unnecessary contributor accounts, and reverting unauthorized changes. Long-term security practices should involve regular monitoring of domain activity and employing strong, unique passwords.

Preventing Future Attacks

To prevent future attacks, Squarespace must improve its security measures, including mandatory email validation and comprehensive audit logs. Users should also be vigilant and proactive in securing their domains, using robust security tools and practices.

Conclusion

The recent domain hijacking incident at Squarespace serves as a stark reminder of the importance of domain security. By addressing the vulnerabilities and implementing stronger security measures, both Squarespace and its users can better protect their online assets and identities.

FAQs

How did the hackers exploit the flaw?

Hackers exploited a flaw in the migration process by supplying email IDs linked to domains that were still under registration, allowing them to create accounts without proper validation.

Which companies were most affected?

Crypto-themed entities like Celer Network and Pendle Finance were among the most affected, facing potential financial losses due to the hijacking.

What steps should users take now?

Affected users should enable two-factor authentication, review and remove unnecessary contributor accounts, revert unauthorized changes, and regularly monitor their domain activity.

How can future domain hijackings be prevented?

Future hijackings can be prevented by implementing stricter security measures, such as mandatory email validation, comprehensive audit logs, and robust monitoring tools.

What changes has Squarespace implemented post-attack?

Squarespace has started disallowing the creation of new accounts using only an email address and is likely working on further security enhancements to prevent similar incidents in the future.

Tags: Hackers Hijack Company Accounts, Squarespace Domain Hijacking, Cybersecurity Incident, Crypto-Themed Entities, Domain Security Flaws, Google Domains Acquisition, Phishing Attacks, Domain Migration Vulnerabilities, Email Validation Issues, Cybersecurity Measures, Two-Factor Authentication, Domain Management Security, Squarespace Response, Protecting Online Assets, Cybersecurity Best Practices

Read more : https://www.hostingbyalitech.com/blog

Alitech Blog

Posted in Uncategorized on Jul 19, 2024



Comprehensive Guide to Choosing the Right Domain and Hosting Services for Startups

Posted in Uncategorized on Jul 01, 2024

In today’s digital landscape, choosing the right domain name and hosting services is crucial for startups aiming to establish a strong online presence. This comprehensive guide explores the importance of domain selection, optimal hosting solutions, and popular CMS platforms like WordPress, WooCommerce, Joomla, and more. Whether you're deploying NodeJS, Django, Ruby on Rails, React, or other frameworks, understanding these elements is essential for scalable growth and seamless user experiences.



Google Search Impact - Congrats on reaching 900 clicks in 28 days!

Posted in News on Mar 05, 2022

Google Search Impact - Congrats 900 clicks 28 days! - Awesome



Hackers Hijacked Chrome Extensions to Inject Malicious Code

Posted in News on Dec 30, 2024

Hackers have hijacked at least 16 popular Chrome extensions, exposing over 600,000 users to potential data theft. The attack targeted known extensions through a phishing campaign, allowing attackers to inject malicious code that stole sensitive information such as cookies and session tokens. Cybersecurity experts have identified a wide range of affected extensions, including those related to AI tools, VPNs, and productivity. This breach highlights the vulnerability of browser extensions and the need for better security practices.



How LinkedIn Became a Hub for AI-Generated Content

Posted in News on Nov 29, 2024

LinkedIn has always been a platform for professionals to network, find job opportunities, and share career-related content. However, over the past few years, it has evolved into something more, a place where thought leaders, influencers, and even job seekers have turned to AI-powered tools to help generate content. This shift has been a major factor in the rise of AI-generated posts, with over half of LinkedIn’s long-form posts being created by AI as of October 2024.



Hackers Hijack Many New Company Accounts With Domain Names On Squarespace

Posted in Uncategorized on Jul 19, 2024

In July 2024, hackers exploited a vulnerability in Squarespace's domain migration process, hijacking over a dozen company accounts, primarily targeting crypto-themed entities. This article delves into the incident, the impact on affected companies, and the necessary steps to enhance domain security.



Meet Autumn 2024 Alibaba Cloud MVPs: A Spotlight on Farhan Ali Shah

Posted in News on Oct 01, 2024

The Autumn 2024 Alibaba Cloud MVP Program proudly welcomes a group of talented professionals, including Farhan Ali Shah, Director at AliTech Solutions. This article highlights their achievements and contributions to the cloud computing community. Alibaba Cloud MVPs are recognized for their expertise and commitment to sharing knowledge, playing a crucial role in driving digital transformation and innovation. Join us as we celebrate these leaders who are shaping the future of technology through their dedication and passion for cloud solutions.



Meta's Fight Against Celebrity Investment Scam Ads with Facial Recognition Technology

Posted in News on Oct 23, 2024

Meta, the parent company of Facebook and Instagram, has taken significant steps in its ongoing battle against celebrity investment scam ads by leveraging facial recognition technology. These scam ads often involve deepfake images of celebrities like Gina Rinehart and Guy Sebastian, tricking users into believing false endorsements. This new initiative aims to quickly and accurately detect these fraudulent ads and remove them before they reach unsuspecting users.



OpenAI Just Announced New AI Features: Key Takeaways from DevDay

Posted in News on Oct 02, 2024

OpenAI has once again made headlines with a series of groundbreaking announcements at its recent developer event, DevDay. These updates promise to change the way developers and entrepreneurs build AI-powered products. Whether you're working on a new voice assistant or simply trying to optimize API usage, these new features will play a pivotal role in enhancing the performance and accessibility of AI technologies. In this article, we’ll break down everything you need to know about the new tools and capabilities OpenAI announced. From AI voice assistants to cutting-edge API updates, these innovations are setting the stage for the future of AI.



ChatGPT Project Strawberry: What We Know About OpenAI’s Reasoning AI

Posted in News on Sep 12, 2024

As the world of AI continues to evolve, OpenAI remains at the forefront with exciting new developments. One of the most anticipated projects on the horizon is Project Strawberry—a groundbreaking AI model focused on enhanced reasoning capabilities. Set to launch soon, Project Strawberry aims to push the boundaries of what AI can achieve, particularly in handling complex tasks and multi-step problem solving. While we are still piecing together the full details, here’s everything we know so far about OpenAI’s latest innovation.



Hosting by AliTech User & Reseller Portal - 2021

Posted in About Hosting by AliTech, News on Oct 17, 2021

Hosting by AliTech User & Reseller Portal coming soon stay tuned. https://bit.ly/3tm3kZ3 https://www.hostingbyalitech.com #hostingbyalitech #alitechsolutions #userportal #resellerportal #coming #soon



Introduction to Multi-Cloud Hosting

Posted in Uncategorized on Jul 29, 2024

Multi-cloud hosting is revolutionizing the way businesses manage their IT infrastructure by leveraging multiple cloud service providers. This strategy offers enhanced reliability, cost efficiency, flexibility, and scalability, making it a popular choice for modern enterprises. While it brings challenges like complexity in management and security concerns, the benefits often outweigh the drawbacks. As technology advances, trends such as AI integration, improved security measures, and the growth of edge computing are set to shape the future of multi-cloud hosting, making it an indispensable approach for businesses aiming for resilience and efficiency in their operations.



Start Saving Now

Posted in Hosting Promotions on Jan 29, 2021

Now you host your website at very low cost and save big. HostingbyAliTech is offering you litespeed web hosting at $0.45 per month. Whats a Big deal? Get web hosting services now and save your money.



Best Affordable Web Hosting Provider 2022 - Pakistan

Posted in News on Oct 14, 2022

We are pleased to announce that Hosting by AliTech has won the CorporateVision's Global Business Award "Best Affordable Web Hosting Provider 2022 - Pakistan".



Oprah’s Upcoming AI Television Special Sparks Outrage Among Tech Critics

Posted in News on Sep 04, 2024

Oprah Winfrey's upcoming AI television special, "AI and the Future of Us," airing on September 12, 2024, has sparked significant controversy. While the show aims to educate viewers about the impact of artificial intelligence, featuring interviews with tech leaders like Sam Altman and Bill Gates, critics argue that it may serve more as a promotional platform for the AI industry than as an unbiased exploration. Concerns have been raised about the potential for bias, with some fearing the show might downplay the ethical, social, and environmental challenges posed by AI.



The Future of AI and Cloud Computing: A Global Perspective

Posted on Oct 03, 2024

Cloud computing and artificial intelligence (AI) are transforming the technological landscape at an unprecedented pace. These two forces have become vital for businesses aiming to scale, innovate, and stay competitive in a digital-first world. As major corporations like Microsoft, Google, and Oracle make significant investments in cloud infrastructure and AI capabilities, it's clear that these technologies will shape the future of industries worldwide. In this article, we'll dive deep into the latest developments in AI and cloud computing, with a focus on global investments, emerging technologies, and the impact on businesses across different regions.



Where AliTech is located in Pakistan?

Posted in About Hosting by AliTech on Jan 15, 2021

AliTech is providing Future Tech Services, it is all about technology, Web Hosting, Cloud, Artificial Intelligence (AI). AliTech Services: Cloud Powered Hosting by AliTech Cloud Technology E-commerce E-mail Services Configuration Support Backup & Storage Services Security



Tips for Changing Python Django Superuser Password

Posted in Technical Solutions on Jun 07, 2024

Tips for Changing Python Django Superuser Password



[SOLVED / FIXED] dictionary update sequence element #0 has length 1; 2 is required

Posted in Technical Solutions on Aug 31, 2022

ERROR: ValueError at / dictionary update sequence element #0 has length 1; 2 is required SOLUTION: This has a simple solution.




Other Blogs


Google Search Impact - Congrats on reaching 900 clicks in 28 days!

Posted in News on Mar 05, 2022 and updated on Mar 18, 2022

Hackers Hijacked Chrome Extensions to Inject Malicious Code

Posted in News on Dec 30, 2024 and updated on Dec 30, 2024

How LinkedIn Became a Hub for AI-Generated Content

Posted in News on Nov 29, 2024 and updated on Nov 29, 2024

Meet Autumn 2024 Alibaba Cloud MVPs: A Spotlight on Farhan Ali Shah

Posted in News on Oct 01, 2024 and updated on Oct 01, 2024

OpenAI Just Announced New AI Features: Key Takeaways from DevDay

Posted in News on Oct 02, 2024 and updated on Oct 02, 2024

ChatGPT Project Strawberry: What We Know About OpenAI’s Reasoning AI

Posted in News on Sep 12, 2024 and updated on Sep 12, 2024

Hosting by AliTech User & Reseller Portal - 2021

Posted in About Hosting by AliTech, News on Oct 17, 2021 and updated on Mar 14, 2022

Introduction to Multi-Cloud Hosting

Posted in Uncategorized on Jul 29, 2024 and updated on Jul 29, 2024

Start Saving Now

Posted in Hosting Promotions on Jan 29, 2021 and updated on Jan 30, 2021

Best Affordable Web Hosting Provider 2022 - Pakistan

Posted in News on Oct 14, 2022 and updated on Nov 27, 2023

Oprah’s Upcoming AI Television Special Sparks Outrage Among Tech Critics

Posted in News on Sep 04, 2024 and updated on Sep 04, 2024

The Future of AI and Cloud Computing: A Global Perspective

Posted on Oct 03, 2024 and updated on Oct 03, 2024

Where AliTech is located in Pakistan?

Posted in About Hosting by AliTech on Jan 15, 2021 and updated on Feb 19, 2021

Tips for Changing Python Django Superuser Password

Posted in Technical Solutions on Jun 07, 2024 and updated on Jun 07, 2024

Start Saving Now

Posted in Hosting Promotions on Jan 29, 2021

Start Saving Now

Posted in Hosting Promotions on Jan 29, 2021







Comments

Please sign in to comment!






Subscribe To Our Newsletter

Stay in touch with us to get latest news and discount coupons