Researchers: hackers have exploited a Squarespace flaw to hijack domains, apparently mostly from crypto businesses, that were migrated from Google Domains
“If you bought Google Workspace via Google Domains, Squarespace is now your authorized reseller,” the help document explains. … BrianKrebs / @briankrebs@infosec.exchange : At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven't set up their new accounts. … X: @celernetwork : ✅Thanks to our 24/7 domain security monitoring, an attempted takeover of Celer domains was successfully intercepted. All DNS records have been recovered. Our ongoing investigation indicates that the attack vector likely involved third parties beyond our control. 👁️The Celer Pendle / @pendle_fi : Post Mortem For context - Squarespace purchased all domain registrations and related customer accounts from Google Domains in June 2023, which forced the migration of domains. Recently, attackers exploited a vulnerability in Squarespace, hijacking domains hosted on their @compoundfinance : ✅ Update: Thanks to the tenacious efforts of so many in the community, the https://compound.finance/ website is once again secure. Please always remain vigilant in clicking links to avoid phishing scams. Make sure to restart your browser to ensure visiting the proper website. If @samczsun : multiple crypto projects have had their domains mysteriously hijacked from their @squarespace account. consider transferring your domain to one of these instead: - @Cloudflare - @awscloud Route53 - @markmonitor - @CSCDBS @wordpressdotcom : If you don't like where your domains ended up (𝘤𝘰𝘶𝘨𝘩 Squarespace 𝘤𝘰𝘶𝘨𝘩), move to a safer option with us at https://wordpress.com/. Visit https://wordpress.com/... and let us get you started ASAP. Forums: Hacker News : Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks