Websites Hosted at Go Daddy Attacked and Exploited Again
According to a latest warning raised by the researchers at Sucuri Security (a firm running a web integrity monitoring service) a number of websites harbored at Go Daddy (an Internet domain registrar) have had malicious code injected into their webpages.
The warning informs that there are an uncertain number of websites harbored at Go Daddy that have been attacked and abused. The research shows that this is an ongoing issue that commenced over last couple of days.
The external code leads the users to a scareware distribution website, which imitates an antivirus scan and exhibits various bogus alerts about infections on their systems. The objective of this scam is to trap users to purchase licenses for a useless application, which claims to be capable of removing malware that never existed.
As per security experts, it's unlikely that Go Daddy's own infrastructure is responsible for this mass attack. The reason behind why all infected websites are harbored in the same place is because criminals first scan the IP space of big hosting providers, to create a list of vulnerable websites and then attack them all together.
According to a statement published on sucuri blog website on September 17, 2010, what was interesting about the attack was that the domain was registered by the same people accountable for the past attacks at BlueHost, Go Daddy, etc.
Other groups such as, BlueHost or media temple, Network Solutions also had to face same incidents previously, some of them even repetitively.
But the most terrible thing about this case is the malicious domain yblindstudioinfoonline dot com (184.108.40.206) is not blacklisted, thus it has the potential to attack a very large number of visitors, particularly visitors with obsolete AV signatures and definitions.
Hence, users are recommended to use an updated version of legal anti-virus to avoid being victimized to these kinds of attacks.
Related article: Websites – The Latest Weapon in The Hands of Phishers
» SPAMfighter News - 01-10-2010