WordPress-based, GoDaddy-hosted websites hacked
Posted on 09 June 2010.
WordPress users whose websites are hosted on GoDaddy servers have been targeted by fake AV peddlers - again.

According to Sucuri Security, the web hosting company's servers were hacked yesterday around 3pm EST, and thousand of WordPress blogs and other PHP based websites were contaminated with a malicious script that points to a fake AV hosted at http://cloudisthebestnow[dot]com/kp.php.

It is also interesting to note that the people behind this attack are the same ones that executed an identical attack against GoDaddy's servers less than a month ago:


Sucuri Security offers an explanation about how these attacks take place: "GoDaddy has some internal vulnerability that is allowing the attackers to upload the following code to their sites: MW:SIPRO:1. A few minutes after this code is uploaded, the attackers run it remotely and this PHP script infects all the files within the site."

Luckily for the owners of the sites, the attack has the same solution as the previous one.







Spotlight

What IT skills are in demand?

IT security tops the list of skills that teams need most, and one out of five reported having difficulty finding skilled talent for cloud initiatives. Companies are also looking for pros who have skills in network engineering, systems engineering, IT architecture and network operations.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Apr 17th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //