Feeds

Go Daddy mass hack points surfers towards malware

Password-snaffling miscreants hijack 445 sites

Intelligent flash storage arrays

Hundreds of Go Daddy sites were compromised to point towards a site hosting malware last weekend.

The mass hack of around 445 sites involved the injection of hostile code into the .htaccess files of the sites. Go Daddy quickly removed the hostile code before working with its customers to take back full control of the sites, which were reportedly compromised by a password hack.

Go Daddy’s chief information security officer, Todd Redfoot, told Domain Name Wire: "The accounts were accessed using the account holder’s username and password.”

It's unclear how the passwords needed to pull off the attack were obtained, but some sort of targeted phishing attack is one likely explanation. Go Daddy's investigation into the attack continues but Redfoot suggested the blame for the mass hack was outside Go Daddy's control.

"This was not an infrastructure breakdown and should not impact additional customers," he said.

Web security monitoring firm Securi warned of the mass hack on Thursday. Its blog post about the attack suggests the malicious code was targeted towards surfers visiting the affected domains via Google or other search engines rather than those who had arrived directly. Such trickery is often part and parcel of search engine manipulation attacks designed to redirect surfers hunting for content related to items in the news towards scareware portals.

This kind of trickery often takes advantage of insecure WordPress installations and the like, so the apparent use of password-snaffling trickery in this case suggests the bad guys are becoming more aggressive in their hunt for sites they can abuse for their own malicious ends. ®

Security for virtualized datacentres

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Shellshock over SMTP attacks mean you can now ignore your email
'But boss, the Internet Storm Centre says it's dangerous for me to reply to you'
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
China is ALREADY spying on Apple iCloud users, claims watchdog
Attack harvests users' info at iPhone 6 launch
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.