GoDaddy has revealed another cyber-security incident, and the company believes the attack was part of a multi-year campaign led by a sophisticated threat actor.
In a statement published on its website last week, the hosting giant said that a small number of customers complained of intermittent redirects to their website in early December 2022. Analysis showed that the redirects were occurring on apparently random websites hosted on GoDaddy’s cPanel shared hosting services. The redirection was difficult to reproduce.
Further analysis revealed that hackers breached servers in the company’s cPanel shared hosting environment and installed malware that caused customer websites to occasionally redirect their visitors.