GoDaddy, a leading web hosting platform, has revealed hackers have gained access to its systems, installed malware on its network and stolen parts of its source code in a multi-year intrusion.
The company said it was working with multiple law enforcement agencies around the world, in addition to forensics experts, to further investigate the issue.
GoDaddy did not reveal the name of the technology partners, who are responsible for protecting the company from cyber attacks. Charles Beadnall is the Chief Technology Officer of GoDaddy.
GoDaddy is supporting 21 million enterpreneurs in their digital initiatives and 84 million domain names worldwide.
“We have evidence, and law enforcement has confirmed, that this incident was carried out by a sophisticated and organized group targeting hosting services like GoDaddy,” the US-based company said in a statement.
The hackers’ goal was to infect websites and servers with malware for phishing campaigns, malware distribution and other malicious activities.
GoDaddy revealed in a US Securities and Exchange Commission (SEC) filing that it believes the hackers are the same group that it found inside the company’s networks in March 2020.
It became aware of the intrusion in December 2022 when GoDaddy started receiving a small number of customer complaints about their websites being intermittently redirected.
GoDaddy investigated and found that the intermittent redirects were happening on seemingly random websites hosted on its cPanel shared hosting servers and were not easily reproducible by GoDaddy, even on the same website.
GoDaddy remediated the situation and implemented security measures in an effort to prevent future infections.
GoDaddy in November 2021 revealed that 1.2 million of its WordPress customers’ sensitive information was compromised. GoDaddy had warned users that this exposure can put users at greater risk of phishing attacks.