FIASCO: Multiple Squarespace Domains Hijacked After Security Loophole Exploited

Experts say Squarespace overlooked this security issue due to their assumption that most – if not all – Google Domains customers who had migrated to their service would utilize their social media logins, as opposed to email. File photo: Tada Images, ShutterStock.com, licensed.

NEW YORK, NY – Last week, multiple organizations with domains registered with Squarespace had their websites hijacked by hackers, with most of the incidents targeting cryptocurrency-based businesses such as Celer Network, Compound Finance, Pendle Finance, and Unstoppable Domains.

The hijacks took place between July 9 and July 12 and involved Google Domains assets; Squarespace purchased the Google Domains service in June 2023 – along with approximately 10 million of its domains – and has been gradually migrating those domains to its service since then.

However, many former Google Domains customers have yet to set up new accounts with Squarespace, and reports indicate that hackers discovered they could take over any migrated account that had not yet been registered simply by using an email address associated with an existing domain to log in on Squarespace’s website.

And because the domain in question had no password, having been unregistered at the time, the hacker was offered the option to create one, giving them control of the domain.
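
The flaw described above, modelled as an added example (not Squarespace's code and not part of the original article): a first-password flow that trusts a bare email address, next to a version that requires a one-time token sent to that mailbox. The account store, function names and 15-minute token lifetime are assumptions for illustration.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL = 15 * 60  # seconds a claim link stays valid (assumed policy)

def new_store():
    # Constructed sample: a migrated account on which no password was ever set.
    return {"owner@example.com": {"pw": None, "claim": None}}

def _pw_record(password):
    salt = secrets.token_bytes(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def _unclaimed(store, email):
    acct = store.get(email)
    return acct if acct is not None and acct["pw"] is None else None

def claim_vulnerable(store, email, new_password):
    """Flawed flow: knowing the address is enough to set the first password."""
    acct = _unclaimed(store, email)
    if acct is None:
        return False
    acct["pw"] = _pw_record(new_password)
    return True

def issue_claim_token(store, email, now=None):
    """Hardened step 1: mint a one-time token that is sent only to the mailbox."""
    acct = _unclaimed(store, email)
    if acct is None:
        return None
    token = secrets.token_urlsafe(32)
    expires = (time.time() if now is None else now) + TOKEN_TTL
    acct["claim"] = (hashlib.sha256(token.encode()).digest(), expires)  # hash only
    return token  # delivered by email, never returned to the web client

def claim_hardened(store, email, token, new_password, now=None):
    """Hardened step 2: set the password only on proof of mailbox control."""
    acct = _unclaimed(store, email)
    if acct is None or acct["claim"] is None:
        return False
    digest, expires = acct["claim"]
    presented = hashlib.sha256(token.encode()).digest()
    expired = (time.time() if now is None else now) > expires
    if expired or not hmac.compare_digest(digest, presented):
        return False
    acct["pw"], acct["claim"] = _pw_record(new_password), None  # single use
    return True
```

In the flawed flow anyone who knows the address becomes the account owner; in the hardened flow the same request fails unless the caller also presents the unexpired token that was mailed to the owner.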

Experts say that Squarespace overlooked this security issue mainly because it assumed that most – if not all – Google Domains customers who had migrated over to its service would use their social media logins, as opposed to email. It seems like both a foolish and critical mistake.

Ok super weird thing happened today regarding Google and Squarespace.

Google domains forced a migration of some sites to Squarespace. In doing so it removed google 2FA for security.

This has made SOME of the website domains on Squarespace vulnerable to attack.

So far Compound… pic.twitter.com/gpQ6WLJPt9

— Picolas Cage (@Picolas_Caged) July 11, 2024

This past weekend, Squarespace closed the exploited loophole by removing the email login option on their website, but the damage had already been done; hackers had redirected the hijacked domains to phishing sites that, in turn, stole the cryptocurrency funds of any visitor unfortunate enough to visit them.

Industry experts have offered advice and assistance to Squarespace in order to beef up the security of their migrated Google Domains assets, including removing unnecessary user accounts, disabling reseller access in Google Workspace, and requiring multi-factor authentication, a feature that was disabled during the migration.

Filed Under: Domain Names, Security Issues