Numerous GoDaddy Websites Hijacked for Pushing Malware
According to Securi, several GoDaddy-hosted websites were under hackers' control after they compromised them with malicious software, reported Domain Name Wire dated September 15, 2011.
The compromise occurred through those entries that were included in the hijacked websites' .htaccess file.
Although assaults causing .htaccess diversion similar to the above are commonplace against several earlier Joomla and WordPress sites, the current instance isn't of this sort.
Actually as per the victims, the hazard isn't what Securi doubted i.e. hijacking of GoDaddy websites, rather one of utilizing the precise username and password of the websites in all the instances.
Todd Redfoot who's the Chief Information Security Officer of GoDaddy said that GoDaddy's security researchers identified that cyber-criminals compromised about 445 hosting accounts with the help of the username and password of the account-owners. Surfers who attempted at visiting the websites through particular search engines got diverted onto another website that planted malware on their PCs, Redfoot explained. Domain Name Wire reported this.
Securi stated that end-users were re-diverted onto other areas for having their Web-browsers contaminated as well. Therefore, it was necessary to cleanse the websites at the earliest for safeguarding visitors accessing them.
Meanwhile, GoDaddy states it's coordinating with clients for solving the problem; however, anyone with an account on GoDaddy must confirm so. This should be done at least via Googling for the website visited as also clicking the web-link, provided the browser has all the patches installed and other defenses are sufficient.
However, Redfoot thinks there maybe problems in identifying such a compromise as website proprietors hardly access their sites through Google or other search engines. A website that's GoDaddy hosted should be accessed through Google for ensuring it isn't hijacked, GoDaddy recommends.
Furthermore, according to Redfoot, the problem is still being probed while GoDaddy's security experts hitherto validate that it isn't an infrastructure collapse therefore it shouldn't affect more clients. The malware has been fast eradicated and clients will be helped out to fix the problem, he adds.
End-users might as well require requesting a malware examination by prominent security vendors and Google incase they obstructed websites owing to an intrusion.
Related article: Numerous Incidents of Computer Hacking from China Perturbs Pentagon
» SPAMfighter News - 26-09-2011