Comments on: Second round of GoDaddy sites hacked

By: Selfhosting or not: Hackers

Selfhosting or not: Hackers — Sun, 11 Jul 2010 12:07:39 +0000

[...] Godaddy has been a victim of two series of attacks, one on April 27 and a second one on May 1. I was a victim of both attacks for one of my sites. Even though my particular site was running [...]

By: Anonymous

Anonymous — Mon, 24 May 2010 10:09:28 +0000

I've removed wordpress completely and it's still hacking my site once a month or so. Ahhhhhhhh

By: http://sucuri.net

http://sucuri.net — Thu, 20 May 2010 17:00:53 +0000

Singha:

Can you send me your site name? I will take a look for you.

By: Singha

Singha — Thu, 20 May 2010 16:57:37 +0000

I'm on Bluehost, and have two tikiwiki sites and two drupal sites that have this same hack. The fix from Sucuri here has not helped at all. Anybody have any idea what I can do to get my sites back online?

By: Ivo

Ivo — Wed, 19 May 2010 13:29:44 +0000

Hacked here too, also eval decode base64… I have millions of php files injected with shitty code… not cool, not fair it sucks asss!!! fak em

By: Mark

Mark — Mon, 17 May 2010 13:30:22 +0000

I'm running Drupal on my GoDaddy based hosting and I too had the base64 encoded hack show up on all of my .php files, not just the Drupal specific files. Part of me is relieved that I'm not the only one experiencing this problem but I'm furious with GoDaddy, as it has cost my site a great deal of traffic and worse yet, eroded the trust with our users.

By: Anonymous

Anonymous — Mon, 17 May 2010 00:19:43 +0000

I'm just wondering, specifically, what the symptoms of this new hack would be? Immediately, I suspected my site was hacked (before I even read this thread), when I launched my hosting control, went to the file manager, and was completely missing my "Current" file panel (rather, the file directory). I show files in my main window, but I have no access to them, like, at all. I can't even restore them from the history panel (it just loads infinitely).

Was I hacked, do you think?

By: Anonymous

Anonymous — Thu, 13 May 2010 20:23:46 +0000

It has happened AGAIN!!! Our non- WordPress, non-CMS plain PHP site on Godaddy, http://toucanmultimedia.com has been hacked again, with base 64 encoded code inserted in all files with PHP extensions, same as a week ago.

By: jeev

jeev — Thu, 13 May 2010 09:03:52 +0000

ya guys for me also same issue from go daddy..my site hacked three times in two weeks..i really lost many regular visitors..i think go daddy become an useless provider..they taking more money than others and poor service..i already shifted from go daddy..i don't need "its not our fault" guys.

By: Anonymous

Anonymous — Thu, 13 May 2010 00:12:47 +0000

Mine got attacked 2x and GoDaddy said it isn't their fault it happened. They said it was due to an outdated Wordpress. I don't use wordpress, I have up-to-date joomla lol. then the stupid support team goes on not reading my question to them and how I don't get what is going on and they think I am crazy because I am the only case. I told them I am not the only case, google it. I told them it is something in the server itself, shared , etc. they said they looked and found nothing.

uh-huh.

Then how are people getting the same attack?!?!?! Then a dude from GoDaddy told me that the attack happened because I tried out Wordpress TWO years ago, and I had used their uninstaller and they said the files were not gone. I told the dude, they were gone because I am a cpu tech person and I like to make sure they are gone. I am like that.

GoDaddy really doesn't care what the customer has to say and it frustrates me. I wrote an article about this on my website today about this and also said if they don't fix this issue soon, they will be loosing a lot of business. Period. Thanks to GoDaddy my website was flagged once by Microsoft. I lost some business.

What did GoDaddy say to that?

It wasn't their fault and I need to update my wordpress files.

and again I have JOOMLA! what the heck does that have to do with WP?!? Geez GoDaddy!