[ISN] PHP Attack Hits GoDaddy-Hosted Sites Again

From: InfoSec News <alerts_at_private>
Date: Mon, 8 Nov 2010 00:15:36 -0600 (CST)

By Fahmida Y. Rashid

In a recurring pattern, GoDaddy-hosted sites running PHP applications 
may be under attack again as hackers inject malicious code onto their 

Web administrators who host their domains on GoDaddy should check their 
source code again for rogue code that downloads malware, according to a 
security research firm.

Sucuri Security updated its Oct. 30 post warning about the latest 
malware attacks on GoDaddy-hosted sites with another note on Nov. 3. The 
research company was investigating reports of "another related outbreak 
of exploited sites on GoDaddy," read the update.

The affected sites generally ran some kind of PHP Web application, such 
as Zen Cart eCommerce or popular CMS packages including WordPress, 
Drupal and Joomla, according to a post on GoDaddy’s blog. In a series of 
injection attacks, hackers were embedding malicious code into the site’s 
Web application, often through blog comments, according to Chris Drake, 
chief executive of security-conscious Web host provider FireHost. 


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Sun Nov 07 2010 - 22:15:36 PST

This archive was generated by hypermail 2.2.0 : Sun Nov 07 2010 - 22:27:30 PST