Cyber-attack
Why in news :
- On February 16, an unauthorised third-party gained access to GoDaddy servers in its cPanel shared hosting environment, the company shared in a blog post.
- Attackers installed malware on servers causing intermittent redirection of customer websites to malicious sites leading to increased chances of successful phishing campaigns.
- Attackers also obtained pieces of code related to some services used by the company.
What are redirects, and how do they work?
- Redirect, redirecting, or URL forwarding is a method used to ensure that web pages with more than one URL can be accessed by users who do not have the precise or all the existing URLs.
- Redirects are predominantly used when a site is shifted to a new domain where multiple URLs are available for the same webpage.
- Setting up a server-side redirect, the kind used by threat actors in the attack on GoDaddy servers requires access to server configuration files or setting the redirect headers with server-side scripts.
- End-users are mostly unaware when they are being redirected to a new web page unless the web browser they use notifies them.
- However, redirects can be used by threat actors to get unsuspecting users to visit, interact and share information on malicious web pages.
Syllabus : Prelims + Mains; GS3 – Security