Over the weekend, numerous users on GoDaddy shared webhosting accounts reported that their sites had been hacked with injected malware. Neowin.net was able to get hold of GoDaddy’s security expert Todd Redfoot, who explained what happened:
“GoDaddy reassures customers that the attack was via WordPress and not an attack on the GoDaddy servers themselves. The coordinated attack on WordPress was formed in a botnet-like attack, which targeted outdated versions of WordPress, however, the exploit was not found in version 2.9.2. In some instances, users not running WordPress were also hacked, but did have an active or inactive WordPress installation on their account. In as many cases, users were unaware that an installation of WordPress was present on their account.”
So in this instance, GoDaddy was not specifically attacked, but sites using WordPress on their servers were. This is another reminder that upgrading as soon as possible is imperative to maintaining a healthy website, since it lessens the chance of these types of exploits affecting your site.
On a related note, a couple of the U.S. Department of Treasury websites have been hacked as well. These sites are located within the Network Solutions hosting system, which explains the compromise. According to NetSol:
“This past weekend, an application that we support on our hosting platform was exploited as we were in the process of fixing it. We believe we have fixed the issue and we were able to contain the number of potentially affected websites to less than 250.”
Discussion regarding the hacks affecting the various webhosting companies is ongoing in the following WPTavern forum thread.