 |
| Floor Tiles |
Warning! Massive Number of Godaddy WordPress Blogs Hacked This Weekend
Sid here. I want to warn you guys about a massive exploit that has hit a large number of Godaddy Hosted WordPress Blogs this weekend
This hack appears to redirect visitors upon arrival from Google and attempts to install mal-ware on their computers. When I was visiting the site directly, whether logged in or as an Admin, even if I could see the malicious script in my view-source window I did not have any issues and it did not redirect me. This means your site could be hacked and infected and you may be unaware.
I noticed a couple key give a ways:
In view source, you will see <script src=”http://cechirecom.com/js.php”> located just above the </body> tag on all .php files. If you view source and see this, that’s cause for alarm
When logged in, you’ll have a screwed up WordPress dashboard. Basically it looks like it is messing up the loading of some CSS in the WordPress Admin area, causing everything
When arriving from Google, a hacked website will redirect to http://www2.burnvirusnow34.xorg.pl/
The good news is this attack appears to be based only on your actual files – not your database. That’s relatively easy to clean up. In GoDaddy you should be able to revert to an old version of your files (Go to April 23rd or before and you should be fine)
The bad news is we don’t know at this point how the hackers are gaining access.
So far, here’s what I’ve found out about Godaddy stance, from another blog that’s also covering this issue:
Please forward this post to your friends, and help us get the word out. It looks like this has compromised a large number of blogs, and especially since it happened over the weekend, there’s a good chance many bloggers haven’t noticed it.
Sid here. I want to warn you guys about a massive exploit that has hit a large number of Godaddy Hosted WordPress Blogs this weekend
This hack appears to redirect visitors upon arrival from Google and attempts to install mal-ware on their computers. When I was visiting the site directly, whether logged in or as an Admin, even if I could see the malicious script in my view-source window I did not have any issues and it did not redirect me. This means your site could be hacked and infected and you may be unaware.
I noticed a couple key give a ways:
In view source, you will see <script src=”http://cechirecom.com/js.php”> located just above the </body> tag on all .php files. If you view source and see this, that’s cause for alarm
When logged in, you’ll have a screwed up WordPress dashboard. Basically it looks like it is messing up the loading of some CSS in the WordPress Admin area, causing everything
When arriving from Google, a hacked website will redirect to http://www2.burnvirusnow34.xorg.pl/
The good news is this attack appears to be based only on your actual files – not your database. That’s relatively easy to clean up. In GoDaddy you should be able to revert to an old version of your files (Go to April 23rd or before and you should be fine)
The bad news is we don’t know at this point how the hackers are gaining access.
So far, here’s what I’ve found out about Godaddy stance, from another blog that’s also covering this issue:
Please forward this post to your friends, and help us get the word out. It looks like this has compromised a large number of blogs, and especially since it happened over the weekend, there’s a good chance many bloggers haven’t noticed it.
our web host is responsible only up to a certain degree for providing security for your website and then the actual owner is then responsible for his or her own personal website security. I see someone mentioned checking file and folder permissions to make sure they are set correctly. And I see someone else mentioned protecting and securing documents that contain passwords and account info. I also see several other very good procedures and practices that everyone should follow to ensure their own personal website security.
No comments:
Post a Comment