Hackers Hijack Many New Company Accounts With Domain Names On Squarespace



Introduction

More than one dozen firms with domain names found across Squarespace witnessed their websites get hijacked recently. This incident highlights a critical flaw in domain security that needs immediate attention. Domain security is paramount as it protects the online identity and assets of businesses.

Background

In June of last year, Squarespace acquired assets belonging to Google Domains, encompassing nearly 10 million domain names. The acquisition aimed to streamline services and provide a unified platform for domain management. However, the migration process left several vulnerabilities exposed.

The Hijacking Incident

The domain hijacking incident lasted from July 9th to 12th, primarily targeting crypto-themed entities such as Celer Network and Pendle Finance. During this period, malicious hackers took advantage of the migration process's loopholes, leading to significant security breaches.

How the Hijacking Occurred

Hackers exploited a flaw in the migration process that allowed them to supply email IDs linked to a domain that was still under registration. Without proper email validation, attackers could easily create accounts linked to these domains, bypassing the need for passwords initially set by legitimate users.

Impact on Crypto-Themed Entities

The hijacking primarily affected crypto-themed entities, which are lucrative targets due to the substantial funds involved. Companies like Celer Network and Pendle Finance faced potential financial losses as their domain names were compromised, putting their users at risk.

Redirecting to Phishing Sites

Once the attackers gained control of the domains, they redirected them to phishing sites designed to steal crypto funds from visitors. This method is particularly dangerous as it exploits the trust users place in these platforms, leading to significant financial losses.

Squarespace's Response

In the wake of the incident, Squarespace opted to remain silent initially, offering no comments or statements regarding the attack. However, the company has since taken steps to address the vulnerabilities and prevent future incidents.

Expert Analysis

Cybersecurity experts have analyzed the incident, highlighting the flaws in Squarespace's migration process. The assumption that users would opt for 'Continue with Apple or Google' over 'Continue with email' proved to be a critical oversight.

Metamask's Insight

The head of Metamask explained how Squarespace never anticipated threat actors signing up for accounts linked to newly migrated domains before the legitimate email holders did. This oversight allowed attackers to exploit the system and hijack the domains.

Lack of Domain Activity Insights

One major concern is the absence of activity insights or audit logs for domains managed by Squarespace. Without these logs, it's challenging to detect and respond to unauthorized actions, making domains vulnerable to hijacking without any alerts being sent.

Further Exploitation Risks

The lack of robust security measures means that future exploitation risks remain high. It's crucial for Squarespace and other domain management platforms to implement stricter security protocols to safeguard their users' assets.

Steps for Affected Users

For users affected by the hijacking, immediate actions include enabling two-factor authentication, reviewing and removing unnecessary contributor accounts, and reverting unauthorized changes. Long-term security practices should involve regular monitoring of domain activity and employing strong, unique passwords.

Preventing Future Attacks

To prevent future attacks, Squarespace must improve its security measures, including mandatory email validation and comprehensive audit logs. Users should also be vigilant and proactive in securing their domains, using robust security tools and practices.

Conclusion

The recent domain hijacking incident at Squarespace serves as a stark reminder of the importance of domain security. By addressing the vulnerabilities and implementing stronger security measures, both Squarespace and its users can better protect their online assets and identities.

FAQs

How did the hackers exploit the flaw?

Hackers exploited a flaw in the migration process by supplying email IDs linked to domains that were still under registration, allowing them to create accounts without proper validation.

Which companies were most affected?

Crypto-themed entities like Celer Network and Pendle Finance were among the most affected, facing potential financial losses due to the hijacking.

What steps should users take now?

Affected users should enable two-factor authentication, review and remove unnecessary contributor accounts, revert unauthorized changes, and regularly monitor their domain activity.

How can future domain hijackings be prevented?

Future hijackings can be prevented by implementing stricter security measures, such as mandatory email validation, comprehensive audit logs, and robust monitoring tools.

What changes has Squarespace implemented post-attack?

Squarespace has started disallowing the creation of new accounts using only an email address and is likely working on further security enhancements to prevent similar incidents in the future.

Tags: Hackers Hijack Company Accounts, Squarespace Domain Hijacking, Cybersecurity Incident, Crypto-Themed Entities, Domain Security Flaws, Google Domains Acquisition, Phishing Attacks, Domain Migration Vulnerabilities, Email Validation Issues, Cybersecurity Measures, Two-Factor Authentication, Domain Management Security, Squarespace Response, Protecting Online Assets, Cybersecurity Best Practices

Read more : https://www.hostingbyalitech.com/blog

Alitech Blog

Posted in Uncategorized on Jul 19, 2024



Experience Unmatched Performance with LiteSpeed: A Comparison

Posted in News on Jun 07, 2024

Discover how LiteSpeed outperforms Nginx and Apache in delivering superior website performance, enhancing user experience for platforms like Magento and WordPress.



Best Affordable Web Hosting Provider 2022 - Pakistan

Posted in News on Oct 14, 2022

We are pleased to announce that Hosting by AliTech has won the CorporateVision's Global Business Award "Best Affordable Web Hosting Provider 2022 - Pakistan".



[SOLVED / FIXED] Python Django - TypeError: can't multiply sequence by non-int of type 'float'

Posted in Technical Solutions on Apr 02, 2022

[SOLVED / FIXED] Python Django - TypeError: can't multiply sequence by non-int of type 'float' Error: Language : Python Django TypeError: can't multiply sequence by non-int of type 'float'<strong>SOLUTION / FIX



Free Backlinks by Guest posts on HostingbyAliTech

Posted in Hosting Promotions, News on Jan 26, 2021

Free Backlinks by Guest posts on HostingbyAliTech We are announcing an exciting news!!! Now you can get free backlinks just by creating account on HostingbyAliTech and creating guest post.



AliTech is now verified by Apple ®

Posted in About Hosting by AliTech, News on Sep 20, 2020

Now Alitech is verified with Apple. Support team is available via iMessage 24/7.



OpenAI's Updated ChatGPT App for Mac: Revolutionizing Multitasking

Posted in Uncategorized on Aug 08, 2024

The recent update to OpenAI’s ChatGPT app for macOS introduces a transformative feature designed to enhance multitasking efficiency. This blog delves into the details of this update, exploring how it can streamline your workflow and improve overall productivity.



AliTech Python Django Hosting: Unleash Extreme Performance for Your Web Projects

Posted in About Hosting by AliTech on Aug 21, 2024

Discover why AliTech's Python Django Hosting stands out for developers seeking extreme performance and reliability. With plans featuring SSD storage, instant provisioning, and guaranteed resources, AliTech provides the ideal environment for your Django applications. Whether you're starting with the Bronze plan or scaling up to Titanium, explore how AliTech’s hosting solutions offer unmatched speed, flexibility, and control to power your web projects.



How to Choose the Best Domain Name for Your Website

Posted in Uncategorized on Jul 09, 2024

Choosing a domain name is more than just picking a web address; it’s about creating your online identity. Your domain is the gateway to your website and plays a crucial role in how people perceive and remember your brand. It should be concise, relevant to your business, and easy to remember. In this guide, we’ll explore the key factors to consider when selecting a domain name, tips for making it memorable, and tools to help you find the perfect fit. Whether you’re starting a new venture or rebranding an existing one, choosing the right domain name is a pivotal step towards online success.



Tips For Minimizing Website Downtime

Posted in Technical Solutions on Jul 02, 2024

Learn effective strategies to minimize website downtime and ensure continuous online presence.



Alibaba Expects AI to Drive More Than Half of Its Cloud Segment Growth

Posted in Uncategorized on Aug 19, 2024

In this article, we explore how Alibaba's investment in AI is driving significant growth in its cloud segment. With a focus on GPU-based AI product development, Alibaba aims to regain its position in the competitive global cloud market. Discover the strategies and challenges the company faces as it navigates the future of cloud computing



The Ultimate Guide to WordPress Hosting 2024

Posted in Uncategorized on Jul 05, 2024

Unlock the full potential of your WordPress website with the ultimate guide to WordPress hosting! Discover the importance of choosing the right hosting, explore the different types of hosting options, and learn how to migrate and set up your WordPress site for success. Get the inside scoop on top hosting providers, advanced features, and troubleshooting tips. Whether you're a beginner or a seasoned pro, this guide has got you covered. Read now and take your website to the next level



CyberPanel Docker Integration - Superb - 2022

Posted in Technical Solutions on Mar 04, 2022

CyberPanel Docker Integration | SFARPak #SFARPak If you like my work please subscribe, share & comment.



[SOLVED / FIXED] : File Explorer is crashing on right click Windows 10 | Windows 8 | Windows 7 | Windows XP

Posted in Technical Solutions on Apr 01, 2021

[SOLVED] : File Explorer is crashing on right click Windows 10 Issue: When you right click on File Explorer sidebar with Windows Explorer / File Explorer crashes.



Understanding and Preventing 'Sitting Ducks' Attacks

Posted in Uncategorized on Aug 02, 2024

In recent cybersecurity news, the emergence of the "Sitting Ducks" attack has posed a significant threat to domain name owners, exposing vulnerabilities in the Domain Name System (DNS) that can lead to severe security breaches. This comprehensive guide will delve into the intricacies of these attacks, their impact, and effective strategies for prevention.



Get 12 Months of AWS Wordpress Hosting for Free

Posted in Hosting Promotions, News, Technical Solutions on Sep 08, 2022

Introduction to AWS Free Tier AWS Free Tier includes many free services which are always free and many services which are offered free for 12 months plan.



[SOLVED / FIXED ] snapd error: cannot communicate with server: Post http://localhost/v2/snaps/core

Posted in Technical Solutions on Apr 15, 2022

[SOLVED / FIXED ] error: cannot communicate with server: Post http://localhost/v2/snaps/core



[SOLVED] django.db.utils.OperationalError: (1091, "Can't DROP 'column_name'; check that column/key exists")

Posted on Jan 11, 2022

[SOLVED] django.db.utils.OperationalError: (1091, "Can't DROP 'column_name'; check that column/key exists") PROBLEM / ERROR: django.db.utils.OperationalError: (1091, "Can't DROP 'column_name'; check that column/key exists")



[SOLVED / FIXED] django.core.exceptions.ImproperlyConfigured: Requested setting AUTH_USER_MODEL

Posted on Mar 27, 2022

[SOLVED / FIXED] django.core.exceptions.ImproperlyConfigured: Requested setting AUTH_USER_MODEL ERROR / PROBLEM: Starting the Python Shell in the terminal inside virtual environment.




Other Blogs


Experience Unmatched Performance with LiteSpeed: A Comparison

Posted in News on Jun 07, 2024 and updated on Jun 07, 2024

Best Affordable Web Hosting Provider 2022 - Pakistan

Posted in News on Oct 14, 2022 and updated on Nov 27, 2023

Free Backlinks by Guest posts on HostingbyAliTech

Posted in Hosting Promotions, News on Jan 26, 2021 and updated on Mar 30, 2022

AliTech is now verified by Apple ®

Posted in About Hosting by AliTech, News on Sep 20, 2020 and updated on Mar 30, 2022

OpenAI's Updated ChatGPT App for Mac: Revolutionizing Multitasking

Posted in Uncategorized on Aug 08, 2024 and updated on Aug 08, 2024

How to Choose the Best Domain Name for Your Website

Posted in Uncategorized on Jul 09, 2024 and updated on Jul 09, 2024

Tips For Minimizing Website Downtime

Posted in Technical Solutions on Jul 02, 2024 and updated on Jul 02, 2024

Alibaba Expects AI to Drive More Than Half of Its Cloud Segment Growth

Posted in Uncategorized on Aug 19, 2024 and updated on Aug 19, 2024

The Ultimate Guide to WordPress Hosting 2024

Posted in Uncategorized on Jul 05, 2024 and updated on Jul 05, 2024

CyberPanel Docker Integration - Superb - 2022

Posted in Technical Solutions on Mar 04, 2022 and updated on Mar 04, 2022

Understanding and Preventing 'Sitting Ducks' Attacks

Posted in Uncategorized on Aug 02, 2024 and updated on Aug 02, 2024

Get 12 Months of AWS Wordpress Hosting for Free

Posted in Hosting Promotions, News, Technical Solutions on Sep 08, 2022 and updated on Sep 07, 2022







Comments

Please sign in to comment!






Subscribe To Our Newsletter

Stay in touch with us to get latest news and discount coupons