Massive Number of GoDaddy WordPress Blogs Hacked

A nasty little exploit has hit a large number of GoDaddy-hosted WordPress blogs this weekend. The best part is that the exploit only executes when the traffic is referred by Google, making it the sort of thing that site maintainers won't easily notice. Clever and devious.

Re:I like their commercials

[Locke2005]

Unless you've got a Danica Patrick fetish, there is a lot better porn than GoDaddy commercials available for free on the 'net. But then, I think anybody that selects GoDaddy for hosting without googling for the many complaints about their service probably deserves anything they get.

Re:Inconceivable!

[elrous0]

It's hard to believe, but I used to refer clients to them back in the day. But those commercials put a stop to that. I'm not sure what they were trying to accomplish by running commercials more appropriate to Hooter's or a strip club chain. But if their goal was to drive away their serious customers, I'd say they picked the right strategy.

Re:Inconceivable!

[Anonymous Coward]

But if their goal was to drive away their serious customers, I'd say they picked the right strategy.

The Internet is serious business!

Re:Inconceivable!

[Hatta]

That probably was their strategy. McDonalds doesn't get a lot of business from serious diners, but they're not doing too badly. There's a lot of money to be made catering to the general public who's too ignorant to know good service from bad.

Re:Inconceivable!

[Anonymous Coward]

The point is that not everyone has the same needs as you do. Most people talk to their hosting companies more than once per decade. For anyone who is with GoDaddy and has to talk to them often, its rather painful.

Re:I like their commercials

[elysiana]

You know, a while back a friend of mine told me he had bought hosting at GoDaddy and was wondering if I'd help set up a site for him. I told him I wouldn't touch it until he got a better host, and he was shocked. His reaction was roughly, "What do you mean they're not reputable? They had Super Bowl commercials and everything!" Apparently people think that if a company spends millions on advertising, they must be upstanding.

I worry.

Re:I like their commercials

[Lumpy]

No it's a weakness of Wordpress, AND weak passwords.. Honestly, why is everyone all up in arms when a bunch of N00b's that dont know anything about site administration and security click on the one click install of wordpress and think it's an appliance because they are too damn cheap to buy wordpress hosting that has a team behind it making sure the stuff is updated and secure?

This is as much go-daddy's fault as a drunk drivers crash is Fords fault.

If you want a blog and not be a site admin then get it from http://wordpress.org/hosting/ [wordpress.org] and not worry about it. Otherwise dont come whining because you went for the lowest dollar hosting and are surprised that the cheap guy is not going to update your software for you.

Re:Network Solutions had a similar thing

[Lumpy]

there is no such thing as a strong password on a FTP account.

If you did not upgrade to SSH and SFTP from your control panel then you should not be managing a hosting site.