Hackers Hijack Many New Company Accounts With Domain Names On Squarespace



Introduction

More than one dozen firms with domain names found across Squarespace witnessed their websites get hijacked recently. This incident highlights a critical flaw in domain security that needs immediate attention. Domain security is paramount as it protects the online identity and assets of businesses.

Background

In June of last year, Squarespace acquired assets belonging to Google Domains, encompassing nearly 10 million domain names. The acquisition aimed to streamline services and provide a unified platform for domain management. However, the migration process left several vulnerabilities exposed.

The Hijacking Incident

The domain hijacking incident lasted from July 9th to 12th, primarily targeting crypto-themed entities such as Celer Network and Pendle Finance. During this period, malicious hackers took advantage of the migration process's loopholes, leading to significant security breaches.

How the Hijacking Occurred

Hackers exploited a flaw in the migration process that allowed them to supply email IDs linked to a domain that was still under registration. Without proper email validation, attackers could easily create accounts linked to these domains, bypassing the need for passwords initially set by legitimate users.

Impact on Crypto-Themed Entities

The hijacking primarily affected crypto-themed entities, which are lucrative targets due to the substantial funds involved. Companies like Celer Network and Pendle Finance faced potential financial losses as their domain names were compromised, putting their users at risk.

Redirecting to Phishing Sites

Once the attackers gained control of the domains, they redirected them to phishing sites designed to steal crypto funds from visitors. This method is particularly dangerous as it exploits the trust users place in these platforms, leading to significant financial losses.

Squarespace's Response

In the wake of the incident, Squarespace opted to remain silent initially, offering no comments or statements regarding the attack. However, the company has since taken steps to address the vulnerabilities and prevent future incidents.

Expert Analysis

Cybersecurity experts have analyzed the incident, highlighting the flaws in Squarespace's migration process. The assumption that users would opt for 'Continue with Apple or Google' over 'Continue with email' proved to be a critical oversight.

Metamask's Insight

The head of Metamask explained how Squarespace never anticipated threat actors signing up for accounts linked to newly migrated domains before the legitimate email holders did. This oversight allowed attackers to exploit the system and hijack the domains.

Lack of Domain Activity Insights

One major concern is the absence of activity insights or audit logs for domains managed by Squarespace. Without these logs, it's challenging to detect and respond to unauthorized actions, making domains vulnerable to hijacking without any alerts being sent.

Further Exploitation Risks

The lack of robust security measures means that future exploitation risks remain high. It's crucial for Squarespace and other domain management platforms to implement stricter security protocols to safeguard their users' assets.

Steps for Affected Users

For users affected by the hijacking, immediate actions include enabling two-factor authentication, reviewing and removing unnecessary contributor accounts, and reverting unauthorized changes. Long-term security practices should involve regular monitoring of domain activity and employing strong, unique passwords.

Preventing Future Attacks

To prevent future attacks, Squarespace must improve its security measures, including mandatory email validation and comprehensive audit logs. Users should also be vigilant and proactive in securing their domains, using robust security tools and practices.

Conclusion

The recent domain hijacking incident at Squarespace serves as a stark reminder of the importance of domain security. By addressing the vulnerabilities and implementing stronger security measures, both Squarespace and its users can better protect their online assets and identities.

FAQs

How did the hackers exploit the flaw?

Hackers exploited a flaw in the migration process by supplying email IDs linked to domains that were still under registration, allowing them to create accounts without proper validation.

Which companies were most affected?

Crypto-themed entities like Celer Network and Pendle Finance were among the most affected, facing potential financial losses due to the hijacking.

What steps should users take now?

Affected users should enable two-factor authentication, review and remove unnecessary contributor accounts, revert unauthorized changes, and regularly monitor their domain activity.

How can future domain hijackings be prevented?

Future hijackings can be prevented by implementing stricter security measures, such as mandatory email validation, comprehensive audit logs, and robust monitoring tools.

What changes has Squarespace implemented post-attack?

Squarespace has started disallowing the creation of new accounts using only an email address and is likely working on further security enhancements to prevent similar incidents in the future.

Tags: Hackers Hijack Company Accounts, Squarespace Domain Hijacking, Cybersecurity Incident, Crypto-Themed Entities, Domain Security Flaws, Google Domains Acquisition, Phishing Attacks, Domain Migration Vulnerabilities, Email Validation Issues, Cybersecurity Measures, Two-Factor Authentication, Domain Management Security, Squarespace Response, Protecting Online Assets, Cybersecurity Best Practices

Read more : https://www.hostingbyalitech.com/blog

Alitech Blog

Posted in Uncategorized on Jul 19, 2024



Top Best Web Hosting Services of 2024

Posted in About Hosting by AliTech, News on Sep 02, 2024

Find the best web hosting service for your website in 2024! Compare top hosting providers like HostGator, Bluehost, and DreamHost, and discover the benefits of cloud-powered hosting with Hosting by AliTech. Limited time offer: Get up to 33.3% off your hosting plan with Hosting by AliTech!



Cloud Platform - Add Swap File on CentOS 7

Posted in Technical Solutions on Feb 28, 2021

Cloud Platform - Add Swap File on CentOS 7, I will start with adding 4GB of swapfile, to check 4GB equivalent to KB I will use below site.



Automated Backup to GoogleDrive - CyberPanel - HostingbyAliTech

Posted in About Hosting by AliTech, Technical Solutions on Jul 18, 2021

Automated Backup to GoogleDrive - CyberPanel All the Hosting by AliTech customers have access to GoogleDrive Backups, here is what you need..



Org Vs .Com: What’s The Difference?

Posted in Uncategorized on Jul 18, 2024

Explore the differences between .org and .com domain extensions and decide which is best for your website. Understand their unique purposes, availability, and implications for your online presence.



Khan Academy Brings AI Tutor 'Khanmigo' to Pakistan: Revolutionizing Education

Posted in News on Dec 27, 2024

Khan Academy Pakistan (KAP) has launched an innovative AI-powered tutor, Khanmigo, to revolutionize education in Pakistan. This cutting-edge tool aims to enhance student learning and provide crucial support to teachers. With personalized assistance for students and resources like automated lesson planning for teachers, Khanmigo is set to address Pakistan’s educational challenges. The tool is available in multiple languages, ensuring accessibility across diverse regions. By offering world-class, localized education, Khan Academy Pakistan is helping bridge gaps in literacy, numeracy, and access to quality education for millions of students across the country.



How to Install Remote Desktop (RDP) on CentOS 7

Posted in Technical Solutions on Aug 26, 2022

How to Install Remote Desktop (RDP) on CentOS 7 How to install XRDP



Why Telegram CEO Pavel Durov Was Arrested in Paris: The Full Story

Posted in News on Aug 27, 2024

In the fast-evolving world of digital communication, Pavel Durov stands out as a relentless advocate for user privacy. As the founder of VKontakte and Telegram, Durov has consistently prioritized encryption and user control over data. This commitment has made him a controversial figure, especially in the eyes of governments that demand access to user information. The ongoing tension between privacy and security is embodied in Durov's journey, raising critical questions about the future of free speech and the ethical responsibilities of tech companies. What happens when the defender of digital privacy himself becomes a target?



Webcam Hacking and Stalking: Myth or Reality?

Posted in News on Dec 25, 2024

Webcam hacking is a growing concern in the digital world, with hackers exploiting vulnerabilities in webcams to gain unauthorized access to private spaces. But how real is this threat, and should you be worried? From phishing emails to malware and Trojan horse programs, hackers are using various techniques to breach webcams and invade individuals' privacy. With real-life cases of webcam hacking and stalking on the rise, it's essential to understand the risks and take precautions to protect your privacy and security.



How LinkedIn Became a Hub for AI-Generated Content

Posted in News on Nov 29, 2024

LinkedIn has always been a platform for professionals to network, find job opportunities, and share career-related content. However, over the past few years, it has evolved into something more, a place where thought leaders, influencers, and even job seekers have turned to AI-powered tools to help generate content. This shift has been a major factor in the rise of AI-generated posts, with over half of LinkedIn’s long-form posts being created by AI as of October 2024.



AI-Generated Captions Come to Max via Google

Posted on Sep 25, 2024

Warner Bros. Discovery has partnered with Google to launch "Caption AI," an innovative tool that uses AI technology to automatically generate captions for unscripted programming on the Max streaming service. Built on Google’s Vertex AI platform, this collaboration aims to cut captioning costs by up to 50% and reduce production time by 80%. As the media industry increasingly embraces AI, this partnership highlights the potential of technology to streamline processes while maintaining quality and accuracy in content accessibility.



UAE to grant citizenship to expat investors and professionals

Posted in News on Jan 30, 2021

UAE to grant citizenship to expat investors and professionals including engineers, doctors, artists "The UAE cabinet, local Emiri courts & executive councils will nominate those eligible for the citizenship under clear criteria set for each category. The law allows receivers of the UAE passport to keep their existing citizenship."



4 tips to enable Nested Virtualization like a PRO

Posted in Technical Solutions on Oct 17, 2021

Nested virtualization is used to enable, use or create virtual machines within virtual machines, consider Virtualbox is running CentOS virtual machine



Infinix Launches Its First-Ever Foldable Phone, the Zero Flip

Posted in News on Sep 28, 2024

In the ever-evolving world of smartphones, the competition for innovative and cutting-edge technology has become fierce. Enter Infinix, a brand known for delivering value-packed devices at competitive prices. Recently, Infinix made headlines by launching its first-ever foldable phone, the Infinix Zero Flip, marking the company's debut into the foldable smartphone arena. At just $600, this phone offers a great balance of performance, features, and affordability. In this article, we'll break down everything you need to know about the Infinix Zero Flip—its specs, design, features, and why it's turning heads in the smartphone industry.



Google Gemini’s Memory Feature: Personalizing AI Interactions

Posted in News on Nov 21, 2024

Google Gemini's new memory feature takes AI personalization to the next level. By allowing users to input specific preferences and details, Gemini tailors its responses to better suit individual needs. Whether it's adjusting to dietary requirements or prioritizing professional interests, this feature offers a more relevant and engaging experience. Unlike other AI systems, Gemini gives users full control over what information is remembered, ensuring privacy and transparency. Available to subscribers of the Google One AI Premium plan, this feature is set to redefine how we interact with AI chatbots.



Graykey and Its Limitations: Insights from Leaked Documents

Posted in News on Nov 20, 2024

Graykey, a forensic tool used to unlock smartphones, is facing challenges with newer devices. Leaked documents reveal it can only partially unlock iPhones running iOS 18, accessing limited data like unencrypted files and metadata. Its performance on Android devices, such as Google Pixel phones, is also limited by device states. This highlights the ongoing battle between tech companies enhancing security and forensic tools trying to keep up, raising questions about privacy and access in the digital age.



WordPress Cofounder Asks Court to Dismiss WP Engine’s Lawsuit

Posted in News on Nov 01, 2024

WordPress cofounder Matt Mullenweg, along with Automattic, has moved to dismiss a lawsuit filed by WP Engine that alleges defamation, extortion, and trademark infringement. WP Engine’s claims arise from Mullenweg’s criticism of the company’s contributions to WordPress and his decision to restrict its access to WordPress.org resources. Mullenweg counters that WP Engine has no legal right to these resources, describing the company’s reliance on WordPress.org as a “risky decision” made without a backup plan. This high-stakes case has stirred concerns within the WordPress community about the implications for other developers and businesses relying on the platform’s open-source ecosystem.



Now hiring Wordpress PHP Developer (Remote / Office) - 2022

Posted in Jobs on Feb 28, 2022

Now hiring Wordpress PHP Developer (Remote / Office): Required Wordpress CSS, HTML, Javascript, PHP



AliTech WordPress Hosting: Unmatched Performance for Your WordPress Sites 2024

Posted in About Hosting by AliTech on Aug 22, 2024

Explore the benefits of AliTech WordPress Hosting, designed for extreme performance and reliability. With SSD storage, instant provisioning, and guaranteed resources, AliTech offers tailored hosting solutions to meet the needs of any WordPress site. Whether you're starting with the Bronze plan or scaling up to Titanium, discover how AliTech provides the power and flexibility to keep your site running smoothly and efficiently.




Other Blogs


Top Best Web Hosting Services of 2024

Posted in About Hosting by AliTech, News on Sep 02, 2024 and updated on Sep 02, 2024

Cloud Platform - Add Swap File on CentOS 7

Posted in Technical Solutions on Feb 28, 2021 and updated on Aug 26, 2022

Org Vs .Com: What’s The Difference?

Posted in Uncategorized on Jul 18, 2024 and updated on Jul 18, 2024

Khan Academy Brings AI Tutor 'Khanmigo' to Pakistan: Revolutionizing Education

Posted in News on Dec 27, 2024 and updated on Dec 27, 2024

How to Install Remote Desktop (RDP) on CentOS 7

Posted in Technical Solutions on Aug 26, 2022 and updated on Aug 26, 2022

Why Telegram CEO Pavel Durov Was Arrested in Paris: The Full Story

Posted in News on Aug 27, 2024 and updated on Aug 27, 2024

Webcam Hacking and Stalking: Myth or Reality?

Posted in News on Dec 25, 2024 and updated on Dec 25, 2024

How LinkedIn Became a Hub for AI-Generated Content

Posted in News on Nov 29, 2024 and updated on Nov 29, 2024

AI-Generated Captions Come to Max via Google

Posted on Sep 25, 2024 and updated on Sep 25, 2024

UAE to grant citizenship to expat investors and professionals

Posted in News on Jan 30, 2021 and updated on Mar 30, 2022

4 tips to enable Nested Virtualization like a PRO

Posted in Technical Solutions on Oct 17, 2021 and updated on Oct 17, 2021

Infinix Launches Its First-Ever Foldable Phone, the Zero Flip

Posted in News on Sep 28, 2024 and updated on Sep 28, 2024

Google Gemini’s Memory Feature: Personalizing AI Interactions

Posted in News on Nov 21, 2024 and updated on Nov 21, 2024

Graykey and Its Limitations: Insights from Leaked Documents

Posted in News on Nov 20, 2024 and updated on Nov 20, 2024

WordPress Cofounder Asks Court to Dismiss WP Engine’s Lawsuit

Posted in News on Nov 01, 2024 and updated on Nov 01, 2024

Now hiring Wordpress PHP Developer (Remote / Office) - 2022

Posted in Jobs on Feb 28, 2022 and updated on Feb 28, 2022







Comments

Please sign in to comment!






Subscribe To Our Newsletter

Stay in touch with us to get latest news and discount coupons