WordPress-based, GoDaddy-hosted websites hacked
Posted on 09 June 2010.
WordPress users whose websites are hosted on GoDaddy servers have been targeted by fake AV peddlers - again.

According to Sucuri Security, the web hosting company's servers were hacked yesterday around 3pm EST, and thousand of WordPress blogs and other PHP based websites were contaminated with a malicious script that points to a fake AV hosted at http://cloudisthebestnow[dot]com/kp.php.

It is also interesting to note that the people behind this attack are the same ones that executed an identical attack against GoDaddy's servers less than a month ago:


Sucuri Security offers an explanation about how these attacks take place: "GoDaddy has some internal vulnerability that is allowing the attackers to upload the following code to their sites: MW:SIPRO:1. A few minutes after this code is uploaded, the attackers run it remotely and this PHP script infects all the files within the site."

Luckily for the owners of the sites, the attack has the same solution as the previous one.







Spotlight

The big picture of protecting and securing Big Data

Today almost every company is dealing with big data in one way or another – including customer data, tracking data, and behavioral marketing information – connecting every aspect of our lives. While this is a cutting edge use of technology, data monitoring can become dangerous when placed in the wrong hands.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Aug 28th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //