Yesterday
HowardForums.com was hijacked from their GoDaddy domain management account. HowardForums is a extremely popular technology and cellular telephone forum.
As you may recall,
MyVidster.com was also hijacked for about a week before they were able to recover their domain. A week of downtime. Insane. They were also registered through GoDaddy.
MachoMoe.com, a gay bareback pirate tube site who was registered though GoDaddy was hijacked as well. They have since (unfortunantly) also recovered their domain.
Three different domains, three completely different owners, two different niches. Hijacked. What they did have in common was they were all three registered at GoDaddy. These are just the domains I know about, but I am sure there are more. They all have been transferred to another registrar, and DNS changed to FreeDNS which forwards to a affiliate click scam website. All three have the same attack M.O. and forward to the same site. I am 100% sure it's the same attackers for all three. Is there keylogging malware going around targeting GoDaddy customers or is it an internal GoDaddy security issue?
If it's a security issue on GoDaddy's part... their new SMS authentication scheme won't work. Until it's figured out what is going on, in-case it's a malware attack I recommend everybody enable
GoDaddy's SMS Authentication until they can transfer away. I suggest Name.com they also have free two factor authentication, and are not so huge they are "out of touch" like GoDaddy so obviously is. Their phone support (I've called only once) also was able to quickly help me with minimal hold time. The blonde chick at the other end knew all the relevant domain lingo and how to help me, it was quite a painless call.
What the hell is going on?