GoDaddy authentication vulnerability exploited for phishing campaigns

CERT-LatestNews ThreatsCybercrime

GoDaddy.com was found to have a vulnerability in the way it handles domain name server (DNS) change requests, allowing hackers to hijack domains and a create two disruptive spam email campaigns. said the scams, a bomb threat hoax and a sextortion email campaign from 2018, were allegedly made possible thanks to an authentication weakness in GoDaddy.