Comments on: Continuing attacks at GoDaddy – Losotrana.com

By: Yet another series of attacks – This time using whereisdudescars.com | Sucuri

Sat, 17 Jul 2010 05:41:41 +0000

[...] is interesting is the people behind this attack. Do you remember the losotrana attack and many others we discussed in the past few months? Well, the people involved in this one [...]

By: Howard

Howard — Fri, 16 Jul 2010 10:58:55 +0000

My GoAwayDaddy account has been compromised and GoDaddy is not being helpful at all.
Stay away from GoDaddy!!

By: http://sucuri.net

http://sucuri.net — Thu, 03 Jun 2010 14:10:29 +0000

Anonymous: That's a different malware:http://blog.sucuri.net/2010/06/web-site-security-it-starts-with-your.html

By: Anonymous

Anonymous — Thu, 03 Jun 2010 14:02:00 +0000

One of my websites has been attacked .the following line was added to my site:
script src=http://deryam.biz/wapchat/photos/umumi.php
the website is hosted at godaddy iis . i think it is the same problem isn't it?

By: Anonymous

Anonymous — Wed, 26 May 2010 10:27:46 +0000

Let me know when WordPress releases a version without PHP.

By: greg

greg — Tue, 25 May 2010 04:07:01 +0000

I think you have it right looking seriously at PHP.
My GoDaddy site was hit 3 times, first was an unrelated PHP contact form (not in the root folder), then a Wordpress site that just melted and finally a Modx rebuild of my blog was hit while I was online in the manager interface.
All in 3 days, any static HTML was untouched, I am not a PHP programmer but a language that is loosely typed, uses global variables and regular expressions that are impossible for a human to read has got to have a lot of soft entry points, especially on a shared server.
Apart from looking for a dedicated virtual server, I have pulled out the Java and Ruby tutorials for a refresher.
It's much harder having to code without simple frameworks and more expensive delivering the end result but I for one have decided PHP on shared hosting is only for sites that are no big deal if I loose them.
Any small client sites I leave PHP out of the mix if I can.

By: Anonymous

Anonymous — Mon, 24 May 2010 16:42:42 +0000

Why does it not make sense that PHP is a bloated hunk of junk and PHP could be the reason that hackers are getting in. Its happening with more hosts than GoDaddy and other scripts other than WP. To me as a programmer I would be looking at PHP and where you are getting it from, better yet move to .ASP or .NET, attacked more, but hacked less and less is better for me.

By: Anonymous

Anonymous — Thu, 20 May 2010 16:52:38 +0000

The latest GoDaddy nonsense:
"While transparency is something we value, when Internet users release information about the attacks, such as the code used to create them, it really only helps the hackers. As they gain clues into our investigation, it gives the attackers more power."

This is *such* BS. The hackers know EXACTLY what they're doing, they're not going to learn anything from sites like this one, the godsend Sucuri Security... It's the REST of us, the site owners and webmasters, who are the ones who need to know!

WHY can't you solve this GoDaddy, and WHY have you tried to keep everything a secret while blaming US?

After four years, I am DONE with GoDaddy. You failed YET AGAIN to protect my site/business this week, for the fourth time in two months, and that is one strike too many... Say goodbye to me and thousands of others, I am sure.

By: Anonymous

Anonymous — Thu, 20 May 2010 12:42:03 +0000

Hi,

I am seriously worry about the long attack time (more than one week of work of hosting support teams…).

I am a system administrator from spain and none of our customers are affected this time, but it a problem too…

I want to offer all people that are investigating possible security holes an idea that i dont read in the blog or comments… Some months ago we detect some apache (and php?) threads and childs that they are kidnapped from another child. What mean this? Someone of the neighbour (a domain on same machine) can kidnap an apache thread (and childs) of another user and if it is combined with the apache privileges can put a file in another domain or can redirect user to another page…

Take care about all running apache processes

This bug must be fixed but maybe there was not solved correctly.

Good luck with your sites and remember that security of your sites begin in You

By: Anonymous

Anonymous — Thu, 20 May 2010 10:28:51 +0000

The problem in Godaddy continues...

My wordpress file monitor detect another file put in my host by the hacker:

This email is to alert you of the following changes to the file system of your website
Timestamp: Thu, 20 May 2010 16:12:33 +0200

Added:
guilbert_being.php

I deleted and all my files are ok...