Massive Number of GoDaddy WordPress Blogs Hacked

A nasty little exploit has hit a large number of GoDaddy-hosted WordPress blogs this weekend. The best part is that the exploit only executes when the traffic is referred by Google, making it the sort of thing that site maintainers won't easily notice. Clever and devious.

This weekend, or two weeks ago?

[devjoe]

I found this story mentioning a similar incident regarding WordPress blogs, but it happened two weeks ago, rather than this weekend. The original site is slashdotted, so I can't tell if this is really the same incident or not.

Network Solutions had a similar thing

happen about a week ago, though I believe they indicated their FTP accounts had been hacked.

http://blog.networksolutions.com/2010/we-feel-your-pain-and-are-working-hard-to-fix-this/

It was annoying, but I just restored from the prior days backup and went on. I only had one FTP account and a strong password and mine got hit.

We reported this to them on 3/11

[isThisNameAvailable]

One of our departments decided to do their own thing and host a site on GoDaddy. Not sure if it was Wordpress or not, but the same thing happened to them. We reported it back on 3/11 and moved the site. Way to get in front of this thing GoDaddy! Oh, and it wasn't just Google. Referrers from Bing and Yahoo would redirect to the same link spam page.