GoDaddy Hacks Due To Old Software – Bad Passwords

Over the weekend, numerous users on GoDaddy shared webhosting accounts reported that their sites had been hacked with injected malware. Neowin.net was able to get a hold of GoDaddy’s security expert Todd Redfoot who explained what happened:

GoDaddy reassures customers that the attack was via WordPress and not an attack on the GoDaddy servers themselves. The coordinated attack on WordPress was formed in a botnet-like attack, which targeted outdated versions of WordPress, however, the exploit was not found in version 2.9.2. In some instances, users not running WordPress were also hacked, but did have an active or inactive WordPress installation on their account. In as many cases, users were unaware that an installation of WordPress was present on their account.

So in this instance, GoDaddy was not specifically attacked, but sites using WordPress on its servers were. It is another reminder that upgrading as soon as possible is imperative for maintaining a healthy website, because it lessens the chance of these types of exploits affecting your site.

On a related note, a couple of the U.S. Department of Treasury websites have been hacked as well. These sites are located within the Network Solutions hosting system, which explains the compromise. According to NetSol:

This past weekend, an application that we support on our hosting platform was exploited as we were in the process of fixing it. We believe we have fixed the issue and we were able to contain the number of potentially affected websites to less than 250.

Discussion regarding the hacks affecting the various webhosting companies is ongoing in the following WPTavern forum thread.

6 Comments


  1. One site I do have running on GoDaddy (unfortunately) was running WordPress 2.9.2 when it got hacked the other day.



  2. They’re file permissions issues… that’s why the pharma is hitting 2.9.2 latest… only servers with bad permissions are getting hacked… funny that none of my 60+ are getting hacked… why? because I don’t use crap hosting from netsol or godaddy. mt grid is a diff thing but sort of similar.



  3. Those hosting guys are all pointing at WordPress. It happens that many accounts on their insecure servers use WordPress as a CMS. It is bad that they are kicking the blame elsewhere.



  4. I just found your site. I am concerned about the many rumors flying about with regard to Go Daddy. It is true that all the hosts blame WordPress or the user when their servers gum up. By the way, do you like your commenting system? I am wanting to install AJAX EDIT COMMENTS on my site as my visitors and contributors are always complaining about not being able to edit their comments. To date I haven’t been able to find a good plug-in, although the Ajax looks good. Any help is appreciated as some of these things work for about ten minutes and some slow down my site.



  5. My site, which was also hosted on GoDaddy, got hacked; it was being redirected to some other site.
    I have uninstalled it and am waiting to fix it.



  6. I talked with GoDaddy who assured me it wasn’t their servers, that it was WP. Yet, every php file on my (old) hosting account w/ them was hacked, WP and non-WP files. The WP install on there was the latest version and I have such complicated passwords even I can’t remember them.

    The kicker? Got hacked 5/7/10, cleaned up everything (including a fresh install of WP), changed all passwords (including ftp passwords), and got hacked again today at 4:30 central time!

    Sure GoDaddy, it’s not your servers at all…

    Just one more reason I moved to MT.
