GoDaddy sites hacked

drgrey · 05-01-2010, 04:59 PM

blog.sucuri.net/2010/05/second-round-of-godaddy-sites-hacked.html -Sucuri Security: Second round of GoDaddy sites hacked

bazz · 05-01-2010, 06:23 PM

wow looks bad

DubDubDubDot · 05-01-2010, 08:17 PM

No surprise. WordPress is a favorite target of hackers.

DomainOutlaw · 05-01-2010, 10:37 PM

damn that sucks...

**enlytend** · 05-02-2010, 04:03 AM

Not just WP from what I read. There were reports of other types pages hacked as well - some running things like Joomla, some not. Either they a launched a barrage of exploits targeting GD's IP range or they found a vulnerability in their hosting environment.

liquidcherry · 05-02-2010, 10:29 AM

Originally Posted by enlytend

Not just WP from what I read. There were reports of other types pages hacked as well - some running things like Joomla, some not. Either they a launched a barrage of exploits targeting GD's IP range or they found a vulnerability in their hosting environment.

One comment on their site:"Their hosted sites were php, asp and coldfusion sites" .... it must be the GD hosting environment since these are 3 different languages with different coding methods AFAIK, unless there is one huge exploit what could affect three different languages?...i am not a coder but that seems strange to me
????: NamePros.com http://www.namepros.com/industry-news/654028-godaddy-sites-hacked.html

Cheers

Liquid

**enlytend** · 05-02-2010, 01:26 PM

Some person/group COULD have scripted and launched a collection of different exploits against their entire IP range. But shared hosting is by definition not very secure so someone might have found a vulnerability and attacked from inside their network.

mrjohn · 05-02-2010, 10:19 PM

Maybe they targeted GoDaddy IP ranges based on the theory that many GD customers aren't going to be professionals.

Generally, GD's explanations for big hacking events are spot-on. I have a ton of GD sites using WP on my own virtual dedicated servers. No sign of any issues.

**-Nick-** · 05-03-2010, 12:54 AM

It is Godaddy hosting that is being exploited.

I have non wordpress sites on GD and they have been compromised.

Now first of all Godaddy has to accept it is their hosting that is messed up. Rather then dump it on wordpress or something else.

mrjohn · 05-03-2010, 05:57 AM

Can you link to a site that was compromised?

I assume it's a shared hosting issue, right?

**enlytend** · 05-03-2010, 06:56 AM

Quote:

I have non wordpress sites on GD and they have been compromised.

Sorry to hear that!

Wordpress and Joomla ARE common vectors for attacks - one host that I use recently instituted a policy of "upgrade to the current version or have your installation disabled" for their shared hosting customers. Draconian, but I guess it works.

Ettore · 05-04-2010, 09:29 AM

Ah, nowadays I read more and more abput those things :/

drgrey · 05-14-2010, 07:38 PM

It's not a WP issue blog.sucuri.net/2010/05/found-code-used-to-inject-malware-at.html - Sucuri Security: Found code used to inject the malware at GoDaddy

GD fess up blog.sucuri.net/2010/05/reply-from-godaddy-regarding-latest.html - Sucuri Security: Reply from GoDaddy regarding the latest attacks

05-01-2010, 04:59 PM	THREAD STARTER #1 (permalink)
drgrey NamePros Member Join Date: Mar 2009 Posts: 98	GoDaddy sites hacked blog.sucuri.net/2010/05/second-round-of-godaddy-sites-hacked.html -Sucuri Security: Second round of GoDaddy sites hacked Last edited by mis_chiff; 11-07-2010 at 09:02 AM.

05-01-2010, 10:37 PM	#4 (permalink)
DomainOutlaw NamePros Regular Join Date: Mar 2010 Posts: 257	damn that sucks... __________________ Scary Movies List / Comedy Movies List/ Flame War/ Sea Monsters/Best Entry Level DSLR Camera

05-02-2010, 04:03 AM	#5 (permalink)
enlytend Forum Moderator Join Date: Aug 2006 Location: USA Posts: 2,152 Follow @enlytend	Not just WP from what I read. There were reports of other types pages hacked as well - some running things like Joomla, some not. Either they a launched a barrage of exploits targeting GD's IP range or they found a vulnerability in their hosting environment. __________________ Enlytend Solutions - Internet marketing and web development Was my advice helpful? Please consider a small donation to the National Canine Cancer Foundation - a tax deductible 501(c)(3)that directly funds cancer research

05-02-2010, 01:26 PM	#7 (permalink)
enlytend Forum Moderator Join Date: Aug 2006 Location: USA Posts: 2,152 Follow @enlytend	Some person/group COULD have scripted and launched a collection of different exploits against their entire IP range. But shared hosting is by definition not very secure so someone might have found a vulnerability and attacked from inside their network. __________________ Enlytend Solutions - Internet marketing and web development Was my advice helpful? Please consider a small donation to the National Canine Cancer Foundation - a tax deductible 501(c)(3)that directly funds cancer research

05-03-2010, 12:54 AM	#9 (permalink)
-Nick- I'll do it Join Date: Dec 2005 Location: India Posts: 6,939 Follow @keralpatel	It is Godaddy hosting that is being exploited. I have non wordpress sites on GD and they have been compromised. Now first of all Godaddy has to accept it is their hosting that is messed up. Rather then dump it on wordpress or something else. __________________ Delq\|Fhur\|Kegh\|Vhir\|Juhy\|Ruuz\|Jyos\|Jupt\|Vhek Webmaster Blog \| Software Downloads Makeup & Beauty Tips \| Sponsor Ads

05-01-2010, 06:23 PM	#2 (permalink)
bazz NamePros Member Join Date: Jul 2009 Posts: 73	wow looks bad

05-01-2010, 08:17 PM	#3 (permalink)
DubDubDubDot Senior Member Join Date: May 2008 Posts: 1,634	No surprise. WordPress is a favorite target of hackers.

05-02-2010, 10:19 PM	#8 (permalink)
mrjohn NamePros Regular Join Date: Jan 2010 Location: Pennsylvania Posts: 406	Maybe they targeted GoDaddy IP ranges based on the theory that many GD customers aren't going to be professionals. Generally, GD's explanations for big hacking events are spot-on. I have a ton of GD sites using WP on my own virtual dedicated servers. No sign of any issues.

05-03-2010, 05:57 AM	#10 (permalink)
mrjohn NamePros Regular Join Date: Jan 2010 Location: Pennsylvania Posts: 406	Can you link to a site that was compromised? I assume it's a shared hosting issue, right?

05-04-2010, 09:29 AM	#12 (permalink)
Ettore NamePros Member Join Date: Apr 2010 Location: Bergamo Posts: 123 Follow @radiobohemian	Ah, nowadays I read more and more abput those things :/ __________________ UNLIMITED Hosting for just $3.99/month \|Register .co for just $27.99/yr\| >Register .eu for just $8.50/yr \|.asia for just 12.09\| > \|CHECK OUR HOT DEALS\| Visit Berlin

05-14-2010, 07:38 PM	THREAD STARTER #13 (permalink)
drgrey NamePros Member Join Date: Mar 2009 Posts: 98	It's not a WP issue blog.sucuri.net/2010/05/found-code-used-to-inject-malware-at.html - Sucuri Security: Found code used to inject the malware at GoDaddy GD fess up blog.sucuri.net/2010/05/reply-from-godaddy-regarding-latest.html - Sucuri Security: Reply from GoDaddy regarding the latest attacks Last edited by mis_chiff; 11-07-2010 at 09:03 AM.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)