Brian Krebs reports:
Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world’s largest domain name registrar, KrebsOnSecurity has learned.
[…]
This latest campaign appears to have begun on or around Nov. 13, with an attack on cryptocurrency trading platform liquid.com.
“A domain hosting provider ‘GoDaddy’ that manages one of our core domain names incorrectly transferred control of the account and domain to a malicious actor,” Liquid CEO Mike Kayamori said in a blog post. “This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts. In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage.”
Read more on KrebsonSecurity.com
I wouldn’t characterize using a phone to dupe lazy, ignorant employees in companies that have no strict policies and procedures as “increasingly sophisticated and aggressive” attacks.