A technique referred to as “domain shadowing” is leveraging weak account passwords at GoDaddy, to infiltrate user accounts of domain holders.
The perpetrators then create hundreds, even thousands of subdomains, and use them to launch spam, malware and to perform other illegal activity.
By leaving the primary domains alone, the owners do not realize that their domain assets are utilized to facilitate crime.
In a detailed article, Maria Korolov of the security publication CSO, mentions that GoDaddy was the only domain Registrar that was targeted in a recently identified attack, involving the creation of 10,000 malicious subdomains, registered on several hundred GoDaddy accounts.
This method takes advantage of weak passwords or phishing attacks, along with the lack of a two-factor authentication.
Domain owners rarely check their accounts, outside of when registering or renewing domain names.
For more information on domain shadowing and its consequences, click here.