Why in news :

  • On February 16, an unauthorised third-party gained access to GoDaddy servers in its cPanel shared hosting environment, the company shared in a blog post.
  • Attackers installed malware on servers causing intermittent redirection of customer websites to malicious sites leading to increased chances of successful phishing campaigns.
  • Attackers also obtained pieces of code related to some services used by the company.

What are redirects, and how do they work?

  • Redirect, redirecting, or URL forwarding is a method used to ensure that web pages with more than one URL can be accessed by users who do not have the precise or all the existing URLs.
  • Redirects are predominantly used when a site is shifted to a new domain where multiple URLs are available for the same webpage.
  • Setting up a server-side redirect, the kind used by threat actors in the attack on GoDaddy servers requires access to server configuration files or setting the redirect headers with server-side scripts.
  • End-users are mostly unaware when they are being redirected to a new web page unless the web browser they use notifies them.
  • However, redirects can be used by threat actors to get unsuspecting users to visit, interact and share information on malicious web pages.

Syllabus : Prelims + Mains; GS3 – Security