Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

Squarespace Domain Names Compromised

July 15, 2024
Reading Time: 3 mins read
in Incidents
Squarespace Domain Names Compromised

A significant cybersecurity breach has come to light, revealing that multiple domain names hosted on Squarespace have been compromised by unknown hackers, with the incident reportedly commencing around July 10, 2024. This breach has notably affected domains transferred to Squarespace following its acquisition of Google Domains in September 2023. The acquisition involved the migration of domain registration data and customers from Google Domains to Squarespace, a process that continued over several months. During this transition, Squarespace automatically created accounts for each domain based on email addresses associated with Google Domains accounts, including administrative, technical, and billing contacts.

The attackers exploited vulnerabilities within this migration process to gain unauthorized access to Squarespace accounts. Once inside, they proceeded to manipulate DNS records, enabling them to redirect domain traffic and intercept emails by altering MX records. This tactic allowed the hackers to execute password resets and escalate their control over associated accounts. The impact of these actions was particularly severe within the decentralized finance (DeFi) sector, affecting platforms such as Compound Finance, Celer Network, and Pendle Finance. These platforms experienced DNS hijacking, leading users unwittingly to malicious sites designed to steal funds and sensitive user information.

In response to the breach, Squarespace has issued several recommendations aimed at mitigating the fallout and preventing further unauthorized access. These include urging affected users to enable Two-Factor Authentication (2FA), remove unnecessary accounts that were automatically created during the migration, and thoroughly review and correct any unauthorized changes to DNS settings. Additionally, users are advised to consider transferring their domains to alternative registrars such as Cloudflare Registrar, Amazon Route53, MarkMonitor, or CSC for enhanced security measures.

Security experts and investigators are actively pursuing the incident to ascertain the full extent of the compromise and the precise methods employed by the attackers. They have emphasized the importance of Squarespace enhancing its security protocols and providing robust support to affected customers. As the situation evolves, users are urged to exercise heightened vigilance when interacting with potentially compromised domains and to remain updated with the latest security advisories from Squarespace and relevant authorities.

Reference:

  • Hackers Compromise Squarespace Customers Domains Following Google Acquisition
Tags: Acquisitioncyber incidentsCyber Incidents 2024Cyber threatsGoogleGoogle DomainsJuly 2024Squarespace
ADVERTISEMENT

Related Posts

Masimo Cyberattack Disrupts Manufacturing

Masimo Cyberattack Disrupts Manufacturing

May 8, 2025
Masimo Cyberattack Disrupts Manufacturing

West Lothian Schools Hit by Ransomware

May 8, 2025
Masimo Cyberattack Disrupts Manufacturing

Cyberattack Targets Tepotzotlán Facebook

May 8, 2025
Coweta County School System Cyberattack

UK Legal Aid Agency Faces Cyber Incident

May 7, 2025
Coweta County School System Cyberattack

South African Airways Hit by Cyberattack

May 7, 2025
Coweta County School System Cyberattack

Coweta County School System Cyberattack

May 7, 2025

Latest Alerts

CoGUI Targets Consumer and Finance Brands

COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

New OttoKit Flaw Targets WordPress Sites

Mirai Botnet Exploits Vulnerabilities in IoT

Critical Kibana Flaws Allows Code Execution

Subscribe to our newsletter

    Latest Incidents

    Masimo Cyberattack Disrupts Manufacturing

    Cyberattack Targets Tepotzotlán Facebook

    West Lothian Schools Hit by Ransomware

    UK Legal Aid Agency Faces Cyber Incident

    South African Airways Hit by Cyberattack

    Coweta County School System Cyberattack

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial