We recently got numerous reports that people who had sites that were hosted with several hosting networks got hacked by a “Bulk Injection” and are now being infected.
People who got infected before were told by one of the hosting providers to change their cPanel/FTP password, because they suspected that the problem was due to poor authentication measures customers had set. However, we got one report that even after one customer changed his login details, he got hacked again in the next wave of attacks.
Go Daddy, BlueHost, DreamHost, and BizLand are all working hard to find ways to prevent any further attacks on their customers. We will continually update everyone as we get more information, meanwhile we have a list of things you can do to attempt to prevent any further attacks on your sites. These are not just for customers the hosting service providers, but globally great ideas for people who want to keep their sites secure:
- Change all passwords to include characters that can’t be guessed or brute-forced. It should be around 14 characters and should include upper and lowercase letters (a-z/A-Z) and numbers (1-9). Feel free to be extra secure and include other characters, for GoDaddy they would be: (asterisk *, hyphen -, underscore _, equal sign =, and period .).
- Keep your site directories clean and uncluttered – carefully go through and delete old/unneeded files.
- Keep everything UPDATED! If you are nervous about updating your static or WordPress site, you can hire our wordpress security specialists to do that for you. Why risk getting hacked?
- Check your database for integrity, make sure the passwords are secure and that the database is clean and uncluttered as well. You can also hire our wordpress security specialists to help you with this.
We got a report from Websense with the following information regarding the hosting network providers:
“During the first week of September 2010, the number of affected websites ranged from 22,000 to about 39,000 depending on the day. According to the data collected by Websense, BlueHost was the most affected hosting company and accounted for 38% of compromised websites. It was followed by DreamHost with 28%. BizLand and Go Daddy acquired the third and fourth spot with 19% and 12% respectively.”
Please feel free to comment below with your opinions and other comments/questions!
WordPress Security Specialist
WPSecurity Lock Team Member
- Websense article – http://community.websense.com/blogs/securitylabs/archive/2010/09/07/mass-injection-targets-sites-serviced-by-famous-web-hosting-companies.aspx
- Hacked September 17 – https://wpsecuritylock.com/godaddy-resolves-myblindstudioinfoonline-malware-hacked-websites/
- Hacked September 21 – https://wpsecuritylock.com/go-daddy-fixing-hacked-websites-for-customers/