1. history

What happened?

From the GoDaddy logs, we can see that someone was able to change the email address 
QuickSwap provided to his or her personal address.

From our own experience getting the email address reset, we know how easily this can be accomplished with GoDaddy support.

After gaining access to the email and 2FA, the attacker changed the password and 
was then able to change the DNS settings. 
S/he pulled the code from the beta version of our UI from GitHub and the phishing attack began. 

All in, approximately $107,600 USD was traded on QuickSwap during the phishing attack and 
lost to the attacker.

1. history

CategoryDns CategoryWatch CategoryTemplate

Moin2Qmail: quickswap/GoDaddy (last edited 2022-05-22 10:47:32 by ToshinoriMaeno)