Anonymous hacker claims GoDaddy attack; outage hits millions

Anonymous hacker claims GoDaddy attack; outage hits millions

Summary: Go Daddy, one of the world's largest website providers and domain registrars, has suffered a major outage. One hacker thought to be connected with Anonymous is claiming responsibility for the alleged 'attack.'

SHARE:
4mkp-twitter-zaw2

Go Daddy, the domain registrar and Web hosting firm, has suffered major outages today, taking potentially millions of sites down with it.

Shortly after 1:30 p.m. ET, @GoDaddy took to Twitter to say: "Status Alert: Hey, all. We're aware of the trouble people are having with our site. We're working on it."

The cause and the true scale of the outage is unknown. Many customers and users have taken to social networking sites, such as Facebook, Google+, and Twitter, to complain that the sites they operate or are trying to access are not loading. Some are complaining that their email communications are affected, such as individual email accounts and servers.

A member associated with the hacktivist Anonymous collective has claimed responsibility for the 'attack.'

The 'outage'

Go Daddy, which says it is the world's largest hosting provider of secure websites with more than 53 million registered domain names, has yet to confirm the cause of the apparent outage, but said on Twitter that it was "working on" getting the service back up and running.

Go Daddy's main website was also down for a brief period. In a message on one of its pages, the company said:

We are experiencing problems. We understand this is impacting some customers and we take this situation very seriously. Everyone at Go Daddy.com is working to restore all sites affected by this outage as soon as possible.

According to one source speaking to ZDNet, Go Daddy's DNS servers are not resolving forcing many websites offline. In many cases, even if the site is not hosted by Go Daddy itself, the DNS servers are down and cannot point the user to the correct page. 

Some parts of the website appeared to be working again at 4 p.m. ET. At just after 4 p.m. ET, Go Daddy said in a tweet that it was "still working" on the ongoing issues and that the firm was "making progress."

"Some service has already been restored. Stick with us," the tweet read.

At 6:16 p.m. ET, Go Daddy said that "more progress has been made," but that it was "still investigating and working" to find the source of the problem and find a solution.

According to sister-site CNET, Go Daddy spokesperson Elizabeth Driscoll said: "Go Daddy is experiencing intermittent outages. This is impacting our site and some customer sites."

Later on in the evening, Driscoll told ZDNet in an emailed statement:

At around 10:25 am PT, Go Daddy.com and associated customer services experienced intermittent outages. Services began to be restored for the bulk of affected customers at 2:43 pm PT. At no time was any sensitive customer information, such as credit card data, passwords or names and addresses, compromised.

Driscoll added that more updates were on the way "within the next 24 hours."

Links to Anonymous

One Twitter user, named @AnonymousOwn3r, claimed sole responsibility for the alleged attack, stating, "was only me not the Anonymous [collective]". On his Twitter profile, he claims to be a "security leader of #Anonymous." He goes on to say in an earlier tweet that he was "behind many things such like irc, ops, attacks [sic]."

His Twitter account has seen more than 1,500 new followers per hour on average, and continues to retweet coverage from various news sites and agencies.

@AnonOpsLegion, an account linked to the Anonymous collective, praised the hacker for his alleged work. Many of the hacker's tweets are in Portugese, suggesting he is in Brazil, based on analysis of earlier tweets.

Christina Warren, entertainment editor at Mashable, empathized with the customers who are struggling with downed website. She said: "But the epicness of this sort of hack cannot be denied. I mean, hot damn. That’s a huge get."

But one of the 'main' Anonymous account, @YourAnonNews, has distanced the hacking collective from the alleged attack, saying in a tweet: "Please redirect your godaddy hate to @AnonymousOwn3r says is the 'leader' of Anonymous."

If this was the work of a lone hacker taking down tens of millions of websites, it would be the largest takedown of any service ever.

SOPA backlash?

Last year, Go Daddy came out in support of the controversial Stop Online Piracy Act ("SOPA"), but bowed to pressure from Reddit activists following the transfer of tens of thousands of domain names from Go Daddy to other companies.

The Wikimedia Foundation famously moved away from Go Daddy after the non-profit group protested months earlier in opposition of SOPA by blacking out its entire English-speaking website for 12 hours.

However, despite speculation that this could be connected to the previous support for SOPA, AnonymousOwn3r said: "I'm not anti go daddy, you guys will [understand] because i did this attack [sic]."

"I'm taking godaddy down [because] well i'd like to test how the cyber security is safe and for more reasons that i can not talk now," the hacker said in another tweet.

Businesses affected, ripple-effect continues

The fallout from the hack or outage -- or whatever it turns out to be -- is already starting to affect ordinary businesses across the world. Not only that, the knock-on effect to Go Daddy as a company could be huge.

If Go Daddy was taken down by seemingly one person -- the possibility that he could be in control of a botnet notwithstanding -- it shows the vulnerabilities of even major corporations. Why stick around with a company that cannot guarantee the uptime that one pays for? Similarly, it has a ripple-effect on other businesses and service providers. It's a wake-up call to the industry.

RunningShoes.com chief executive Chad Weinman told ZDNet:

RunningShoes.com was brought down for several hours today by the Go Daddy attacks. Our online retail business is dependent on our site functioning properly in order to conduct daily business. An outage of this magnitude signficiantly affects our revenue stream and as a direct result of this event we have lost ten of thousands in sales. Switching off the Go Daddy platform is now under serious consideration internally.

Even if, by the end of this, it was a 'simple' outage that led to the collapse of the Go Daddy empire for more than half-a-day -- let alone on a Monday morning during business hours -- the financial implications for the company could be far greater than the mass exodus seen as part of the wider SOPA protests.

But how Anonymous' public perception will be if it is proven to be an attack performed in its name -- even if the collective has distanced itself from the alleged hack -- the public's mood could shift against the once-revered online antagonists.

While no Web hosting service is perfect, with poor reviews and hasty, ill-informed customer service, what Go Daddy does from here will be crucial.

As Forbes so kindly put it: "whether because of their [sexist] advertising tactics that they just won't change, poor judgment by its executive team [the elephand killing], unethical business practices, carelessness for its existing customers or inability to control its own services," perhaps this will be the last straw for customers. 

Poor infrastructure, poor support, poor communication through a few meager tweets, or poor resiliance to a cyber-attack. Whatever the outcome, Go Daddy isn't going to come out of this lightly.

Image credit: C. Sternal-Johnson/Twitter.

Topics: Networking, Censorship, Data Centers, Hardware, Outage, Privacy, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

29 comments
Log in or register to join the discussion
  • Using budget hosts like Godaddy is irresponsible

    Why you should not use GoDaddy or any other budget host:
    http://benjaminkerensa.com/2012/09/10/why-godaddy-downtime-emphasizes-need-for-solid-web-hosting
    bkerensa
    • @bkerensa you are ignorant!

      Dude, you are a trolling ignoramus. This attack was not about *HOSTING*. This attack was on DNS. Go get your publicity elsewhere. Oh, and try and do 5 min of research before blabbering about something you know nothing about.
      styles1975
  • Anonymous group and members are just bullies.

    The whole group are making themselves out to be modern day Robin Hoods, but the hurt small businesses today more than they hurt GoDaddy. This whole hack is just because someone disagreed with the biggest meanest kid on the playground and then got beat up for it.

    Dennis Edmondson
    Computing Concepts LLC
    http://www.computingconceptsllc.com/anonymous-hacks-godaddy
    comconcepts
    • WRONG

      Oh, you think so? Think again -- just what do you call it when the CEO of Godaddy posts pictures of himself sitting on top of the bloody carcass of a baby elephant he just shot with a power-rifle -- grinning like a baboon.

      Now THAT is a bully. The guy is an arrogant jack@ss. Read about his background to get a clue.

      I hope they hack Godaddy to PIECES.
      Angel O'Justice
  • Nonsense logic

    AnonymousOwn3r says "I'm taking godaddy down [because] well i'd like to test how the cyber security is safe". Or not.
    So he/she/it is bringing the whole thing down to show us how it could be brought down.
    Isn't that like shooting someone in the chest just to demonstrate how easy it is to shoot them in the chest? "Look. I'm doing you a favour. Now you'll be more careful in the future".
    phildobbie
    • Actually...

      That's not a very good analogy. When it comes to the internet and software it IS a good thing when hackers expose/exploit security holes because it makes the company in question harden their security and be far more conscious of it in the future providing a safer service for users.

      Apparently though, GoDaddy is denying that they were even hacked in the first place and that it was just technical difficulties. Unfortunately, that's hard to believe as it's exactly what you'd expect them to say if they were hacked for damage control to try and save business and keep the scare factor down.

      Thanks, Bryan
      Bryan Hadaway
  • Think. Then talk.

    Christina Warren doesn't help things by saying, "the epicness of this sort of hack cannot be denied. I mean, hot damn. That’s a huge get."

    The guys who do this stuff live for quotes like that.
    Robert Hahn
  • I've been warning people about GoDaddy for years...

    Over the years I've done my best to steer my clients, partners and readers away from GoDaddy (http://bryanhadaway.com/web-hosting-best-vs-worst/). But, it definitely takes an act of this scale to finally get people to listen.

    Thanks, Bryan
    Bryan Hadaway
    • @Bryan Hadaway - FAIL

      You are a "Web designer". Therefore you have no idea what the difference is between HOSTING and DNS. Plaaaaaaaese!

      You are yet another trolling ignoramus. This attack was not about *HOSTING*. This attack was on DNS. Go get your publicity elsewhere. Oh, and try and do 5 min of research before blabbering about something you know nothing about.
      styles1975
      • @styles1975

        I looked up the difference between HOSTING and DNS, and found out they are closely related. If you attack DNS servers and bring them down, HOSTING goes out the window too. Browsers wouldn't know where to go get a website page. Hosting firms maintain DNS servers to help propagate their products through the Internet, and so they need to secure them against attacks. GoDaddy was at the receiving end, but it affected all of us - web designers included.

        I'm not looking forward to being called a trolling ignoramus :-( An explanation of why I'm wrong would be as insulting :-)
        a.V.s
        • Sorry, but he's right

          Everybody has an IP address. When you go to your browser and type www.zdnet.com, the DNS takes that string and gives you the IP address that refers to. The entire internet runs on DNS. If I go and buy a server and some super fast internet (becoming my own host), I still have to register with a DNS service to get any traffic, because otherwise people would have to type in my IP address to access the website. That is what went down. Most of the hosts were still up and running, but the service that points to the host wasn't functioning. This affects tons more people than just those using GoDaddy as a hosting service.
          Aerowind
          • Exactly...

            Correct and agreed. It's not as though I ever said anything to the contrary. Obviously, styles1975 went off on a tangent a bit because his/her "rebuttals" to me are completely incomprehensible to the context of what I was saying.

            It's like I said "Apples are red." and he/she replied "No! Oranges are orange!" Technically they're correct in what they're saying and I even agree with them, but it has absolutely nothing to do with what I was saying so who they're arguing with or what's got them so stirred up is a mystery to me.

            Anyways, I know first hand what you're saying because that's how I was effected. Working on a project that is hosted on WP-Engine (completely separate from GoDaddy servers), but the domain is still registered through GoDaddy so we experienced issues.

            Besides, the fact that I have years of experience with this stuff and I knew anyways, I certainly would have known that yesterday before I commented because of the aforementioned issue that I experienced first hand.

            Thanks, Bryan
            Bryan Hadaway
        • you 'looked' it up? lol

          DNS going down does not bring down hosting...think of DNS like using speed-dial. If you don't have DNS just use the IP address instead of the easy to remember URL.

          After setting up my hosting internally and having to set-up a complex system of subnets with DNS, I can appreciate the guys that do this on a mass scale. There are so many attack vectors that goes all the way down to the physical infrastructure and network that I don't think you understand.
          dtdono0
          • @dtdonoo

            DNS going down DOES bring down hosting! Look it up :-)

            And if we could "use IP addresses instead of the easy to remember URLs", we would have no need for DNS. Look it up :-)

            Your second paragraph has no relevance to the issue under discussion. I hope you understand that :-)

            This has been fun - only because of people like styles1975 and dtdonoo. Could some one tell me why the "Flag" link does nothing when I click it?

            I needed to vote for some posts - posts of intelligent people who took time off to add value to this discussion, but nothing happens when I click the "Vote" link...
            a.V.s
          • @shejale

            I also cannot vote or flag. I contacted support about it, but it doesn't make much difference now. This conversation seems to have died out, probably for the best.
            Bryan Hadaway
      • @styles1975

        I'm never surprised by comments like yours which is the sad truth and general commentary on the overall state of intelligence we can expect in the world today from the average person.

        You call me ignorant and a troll and yet only establish that that is IN FACT what you are, and then you get two votes, it's incredible. I try to remain calm and polite, but it becomes so difficult when essentially being called a moron by an actually ignorant person who is flying that flag high and loud ironically and hypocritically establishing that and getting pats on the back for it.

        Yes, I'm primarily a web designer (among many other things), so that means that I don't know the difference between hosting and DNS? I'm sorry, but you just lost all credibility. Clearly, you're incapable of critical thinking to even assume something like that at the most basic level.

        I've been doing this for going on 7 years now. I'm well versed in ALL things web, design, programming, hosting, DNS, nameservers, SEO etc etc etc. I don't just design websites visually.

        Besides the fact that I DO know the difference between DNS/domain/IP address and the actual storage of files, hosting, this has nothing to do with what my comment is illustrating.

        All that I'm saying is that in GENERAL GoDaddy is an awful service in every way, regardless of how or why they recently had major issues, I hope the message gets through to current customers to question their host and consider a better option.

        I never made ANY technical comments about DNS or hosting whatsoever. The link to the article I wrote is merely to demonstrate how GoDaddy is a bad host to begin with anyways.

        You have not made one valid point towards me, in fact everything you have said only makes sense directed towards YOU.

        If you have an ounce of forgivable intelligence I'd expect you to admit that you made a mistake jumped to a whole bunch of incorrect assumptions and conclusions here. However, I expect childish name calling and exclamation points all about in return.
        Bryan Hadaway
      • @styles1975

        Oh wow, not even sure why I responded in so much detail now when you're a confirmed troll. You're going throughout this whole page of comments calling people ignorant with canned responses. Your comments need to flagged, not responded to.
        Bryan Hadaway
      • Learn to Spell

        First off, he's done more research than you on the subject. Second, learn to spell before posting.

        "Plaaaaaaaese" is not a word.
        Boushe9849
  • Nice move.

    Good luck convincing anyone now that you and your fellow scum "hack" for noble causes, genius.
    Hallowed are the Ori
  • Hehehe....

    GoDaddy deserves it. seems they register sites and don't give a crap what they do. I'm sure half of the cybersquatter sites were registered by them
    Gisabun