- Joined
- Jun 13, 2020
- Messages
- 7,544
- Reaction score
- 916
- Points
- 212
- Awards
- 2
On December 30, 2020, the Guarda multicurrency non-custodial wallet underwent a DNS spoofing attack. The project team blames GoDaddy hosting for the incident.
According to Guarda representatives, GoDaddy employees transferred control over the account and domains [guarda.co and guarda.com] to attackers, which allowed the latter to redirect users to a fake wallet backup download page.
Guarda asked GoDaddy to suspend domains until access was restored, but this never happened. The project's engineers tried to slow down the phishing site. According to them, 90% of the time during which domains were under the control of attackers, the phishing form was unavailable.
Guarda cooperates with the Estonian police. The project is considering filing a class action lawsuit against GoDaddy and is citing a November 21 investigation by cybersecurity specialist Brian Krebs. It says that GoDaddy employees have been the victims of several phishing attacks - attackers tricked their admin credentials to access other sites.
About 100 people have filed support tickets, according to a January 4 Guarda post. The attackers transferred the stolen assets to Ethereum and exchanged them for Bitcoin through the Uniswap decentralized exchange. Some funds, the project team assures, managed to be fixed at centralized sites.
ForkLog was able to detect some addresses to which the cybercriminals transferred funds.
The service has already presented a compensation plan:
According to Guarda representatives, GoDaddy employees transferred control over the account and domains [guarda.co and guarda.com] to attackers, which allowed the latter to redirect users to a fake wallet backup download page.
Guarda asked GoDaddy to suspend domains until access was restored, but this never happened. The project's engineers tried to slow down the phishing site. According to them, 90% of the time during which domains were under the control of attackers, the phishing form was unavailable.
Guarda cooperates with the Estonian police. The project is considering filing a class action lawsuit against GoDaddy and is citing a November 21 investigation by cybersecurity specialist Brian Krebs. It says that GoDaddy employees have been the victims of several phishing attacks - attackers tricked their admin credentials to access other sites.
About 100 people have filed support tickets, according to a January 4 Guarda post. The attackers transferred the stolen assets to Ethereum and exchanged them for Bitcoin through the Uniswap decentralized exchange. Some funds, the project team assures, managed to be fixed at centralized sites.
ForkLog was able to detect some addresses to which the cybercriminals transferred funds.
- bitcoin (11.12 BTC);
- Ethereum (over 200 ETH);
- USDT ERC-20 (over 200 ETH)
The service has already presented a compensation plan:
- if the user has lost up to $ 2000, he will be returned the full amount in bitcoin or stolen cryptocurrency. An alternative option is to agree to the payment of $ 4000 in Guarda tokens with an agreement to a three-year vesting;
- if the user has lost from $ 2,000 to $ 10,000, he will be returned 50% in bitcoin or they will be offered a double amount in tokens with an agreement to a three-year vesting;
- if the user has lost more than $ 10,000, he will be returned 20% in bitcoin, or they will be offered the equivalent of the lost amount + 50% in tokens with an agreement to a three-year vesting.
