Massive Number of GoDaddy WordPress Blogs Hacked

← Back to Stories (view on slashdot.org)

Massive Number of GoDaddy WordPress Blogs Hacked

Posted by CmdrTaco on Monday April 26, 2010 @03:54AM from the sucks-to-be-them dept.

A nasty little exploit has hit a large number of GoDaddy-hosted WordPress blogs this weekend. The best part is that the exploit only executes when the traffic is referred by Google, making it the sort of thing that site maintainers won't easily notice. Clever and devious.

12 of 112 comments (clear)

Min score:

Reason:

Sort:

I like their commercials by BadAnalogyGuy · 2010-04-26 03:56 · Score: 5, Funny

Their hosting services are pretty spotty, from what I've heard. On the other hand, they have commercials that really appeal to me.
The redirect leads you to the following URL: http://www2.burnvirusnow34.xorg.pl/
Goddamned Perl strikes again.
1. Re:I like their commercials by elysiana · 2010-04-26 05:36 · Score: 5, Insightful
  
  You know, a while back a friend of mine told me he had bought hosting at GoDaddy and was wondering if I'd help set up a site for him. I told him I wouldn't touch it until he got a better host, and he was shocked. His reaction was roughly, "What do you mean they're not reputable? They had Super Bowl commercials and everything!" Apparently people think that if a company spends millions on advertising, they must be upstanding.
  I worry.
2. Re:I like their commercials by Lumpy · 2010-04-26 05:55 · Score: 4, Insightful
  
  No it's a weakness of Wordpress, AND weak passwords.. Honestly, why is everyone all up in arms when a bunch of N00b's that dont know anything about site administration and security click on the one click install of wordpress and think it's an appliance because they are too damn cheap to buy wordpress hosting that has a team behind it making sure the stuff is updated and secure?
  This is as much go-daddy's fault as a drunk drivers crash is Fords fault.
  If you want a blog and not be a site admin then get it from http://wordpress.org/hosting/ and not worry about it. Otherwise dont come whining because you went for the lowest dollar hosting and are surprised that the cheap guy is not going to update your software for you.
  
  --
  Do not look at laser with remaining good eye.
3. Re:I like their commercials by Locke2005 · 2010-04-26 06:31 · Score: 4, Funny
  
  Apparently people think that if a company spends millions on advertising, they must be upstanding.
  
  Explain to them that Enzyte and ExtenZe also spend millions on advertising... upstanding indeed!
  
  --
  I've abandoned my search for truth; now I'm just looking for some useful delusions.
Inconceivable! by eldavojohn · 2010-04-26 03:57 · Score: 4, Funny

But but when I registered for a hosting service on GoDaddy, their commercial lead me to believe that even stripping sexy models use GoDaddy so how could something like this happen to such a reputable and honest company?!

--
My work here is dung.
1. Re:Inconceivable! by Hatta · 2010-04-26 04:38 · Score: 4, Insightful
  
  That probably was their strategy. McDonalds doesn't get a lot of business from serious diners, but they're not doing too badly. There's a lot of money to be made catering to the general public who's too ignorant to know good service from bad.
  
  --
  Give me Classic Slashdot or give me death!
This weekend, or two weeks ago? by devjoe · 2010-04-26 04:15 · Score: 4, Informative

I found this story mentioning a similar incident regarding WordPress blogs, but it happened two weeks ago, rather than this weekend. The original site is slashdotted, so I can't tell if this is really the same incident or not.
Slashdotted to death. by gimmebeer · 2010-04-26 04:25 · Score: 4, Funny

Who needs viruses and chinese hackers to take down blog sites when you can just use slashdot?
Network Solutions had a similar thing by Anonymous Coward · 2010-04-26 04:32 · Score: 4, Informative

happen about a week ago, though I believe they indicated their FTP accounts had been hacked.
http://blog.networksolutions.com/2010/we-feel-your-pain-and-are-working-hard-to-fix-this/
It was annoying, but I just restored from the prior days backup and went on. I only had one FTP account and a strong password and mine got hit.
1. Re:Network Solutions had a similar thing by Lumpy · 2010-04-26 05:58 · Score: 4, Insightful
  
  there is no such thing as a strong password on a FTP account.
  If you did not upgrade to SSH and SFTP from your control panel then you should not be managing a hosting site.
  
  --
  Do not look at laser with remaining good eye.
We reported this to them on 3/11 by isThisNameAvailable · 2010-04-26 04:36 · Score: 4, Informative

One of our departments decided to do their own thing and host a site on GoDaddy. Not sure if it was Wordpress or not, but the same thing happened to them. We reported it back on 3/11 and moved the site. Way to get in front of this thing GoDaddy! Oh, and it wasn't just Google. Referrers from Bing and Yahoo would redirect to the same link spam page.
Don't you mean the worst part? by DigitalReverend · 2010-04-26 04:50 · Score: 4, Funny

The best part is that the exploit only executes when the traffic is referred by Google

I suppose if this was a hacking site, it would be considered the best part, but it's actually the worst part because it may go unnoticed. Who's side are you on?

--
I read Slashdot for the headlines, because the headlines, unlike the articles, are usually original and never duplicated