Weak Security Defaults Enabled Squarespace Domains Hijacks

Summary:

  1. Hijacking Incident: At least a dozen organizations with domains registered at Squarespace had those domains hijacked between July 9 and July 12. The attacks primarily targeted cryptocurrency businesses.

  2. Cause of Vulnerability: The issue arose from weak security defaults during the migration of 10 million domain names from Google Domains. Many customers had not yet set up their new Squarespace accounts.

  3. Attack Method: Hackers exploited the ability to commandeer migrated accounts that had not yet been registered by providing an email address associated with existing domains. They then redirected the hijacked domains to phishing sites to steal cryptocurrency funds.

Read more on Krebs on Security
