
Massive Number of GoDaddy WordPress Blogs Hacked

Posted by CmdrTaco
from the sucks-to-be-them dept.
A nasty little exploit has hit a large number of GoDaddy-hosted WordPress blogs this weekend. The best part is that the exploit only executes when the traffic is referred by Google, making it the sort of thing that site maintainers won't easily notice. Clever and devious.

  • by Anonymous Coward on Monday April 26, 2010 @12:16PM (#31985460)

    I bet they're really glad they switched to Windows server a few years ago after Microsoft paid them to do so.

  • by ircmaxell (1117387) on Monday April 26, 2010 @12:18PM (#31985474) Homepage

    I wonder if infected sites should be held accountable for PCs that get infected.

    I wonder if GoDaddy should be held accountable for PCs that get infected. After all, it was on their servers, and they have the power to either pull the plug on the affected server(s) or to roll back backups (assuming they take backups). Considering this is a mass attack, does it imply that a weakness in their servers allowed the attack (as in one site was compromised, and the attacker gained access to the entire server through that one site)? If so, GoDaddy is absolutely responsible. In fact, I would think they'd be liable to both the end users (people who got infected) and their customers for not adequately protecting them and affecting their reputation (Just take down the server already)...

  • by mzs (595629) on Monday April 26, 2010 @12:24PM (#31985542)

    That one was likely different. In that earlier one the interesting bit was the use of a cookie. So you would only be redirected one time (if the cookie was not there).

  • by WrongSizeGlass (838941) on Monday April 26, 2010 @12:31PM (#31985622)
    It looks like the 'WP Admins' (if that's what we're calling them) used weak passwords for their hosting account, FTP and/or DB, used 'Admin' username and possibly even used the same password for all of them. Rocket surgery, indeed!
  • Re:Wow (Score:3, Interesting)

    by phantomcircuit (938963) on Monday April 26, 2010 @01:50PM (#31986460) Homepage

    WordPress, the open-source blogging software, not wordpress.com, the hosted blogging provider.

    This attack did not target Google at all. Whoever modded you interesting failed.
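
The summary says the payload only fires for Google-referred traffic, and one comment above notes an earlier attack that redirected only when a cookie was absent. The following is an added example, not code from the article or any commenter, of how a site owner could test their own blog for that behaviour: request the page once directly and once with a Google `Referer`, both without cookies, and compare. The referer string, function names and the script-tag heuristic are assumptions made for the example.

```python
import re
import urllib.error
import urllib.request
from urllib.parse import urlparse

GOOGLE_REFERER = "https://www.google.com/search?q=example"  # constructed value


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None  # surface the 3xx instead of following it


def http_fetch(url, headers):
    """Return (status, Location, body); no cookies sent, redirects not followed."""
    opener = urllib.request.build_opener(_NoRedirect)
    req = urllib.request.Request(url, headers=headers)
    try:
        resp = opener.open(req, timeout=10)
        status = resp.status
    except urllib.error.HTTPError as err:  # unfollowed 3xx and 4xx/5xx land here
        resp, status = err, err.code
    return status, resp.headers.get("Location"), resp.read().decode("utf-8", "replace")


def script_hosts(body, page_host):
    """Hosts referenced by <script src=...> tags other than the page's own host."""
    hosts = set()
    for src in re.findall(r'<script[^>]+src=["\']([^"\']+)', body, re.I):
        host = urlparse(src).netloc
        if host and host != page_host:
            hosts.add(host)
    return hosts


def cloaking_findings(url, fetch=http_fetch):
    """Diff a direct visit against a Google-referred one (both look like first visits)."""
    page_host = urlparse(url).netloc
    base = fetch(url, {})
    referred = fetch(url, {"Referer": GOOGLE_REFERER})
    findings = []
    if referred[0] != base[0]:
        findings.append(f"status {base[0]} -> {referred[0]}")
    if referred[1] and referred[1] != base[1]:
        findings.append(f"redirect to {referred[1]}")
    extra = script_hosts(referred[2], page_host) - script_hosts(base[2], page_host)
    findings += [f"extra script host {h}" for h in sorted(extra)]
    return findings
```

An empty list means the two responses matched on status, redirect target and external script hosts; it does not rule out conditions keyed on something else, such as the User-Agent.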
