GoDaddy WordPress Blogs Infected With Malware [Alert]
CONNECT WITH HBB ON SOCIAL MEDIA
Majority of WordPress blogs hosted on GoDaddy were infected with some kind of malware for the past few days. Just now confirmed this news with some sources.
GoDaddy released this statement on 09-18-2010 at 2:43pm CST,
An exploit affected PHP files on approximately 150 Go Daddy accounts Friday afternoon. Go Daddy’s Security Team worked quickly to clean and restore these websites, however, we have detected additional customer sites that may currently be experiencing difficulties due to this same attack.
Go Daddy’s Security Team has identified the cause. Our forensics have determined malicious files are being uploaded via FTP to customer websites. Go Daddy is asking all customers who believe they have a problem to change their FTP passwords.
Meantime, our team is working swiftly to restore all affected websites and appreciates customer feedback. Go Daddy will continue to monitor as long as it takes to ensure our customer accounts are clean.
If you suspect your site was impacted, please fill out our security submission form, located here – https://www.godaddy.com/community/contactus.aspx?ci=15534§ion=support.
Go Daddy Chief Information Security Officer
Common Symptoms Of This Malware
- If you visit the infected website/blog, it redirects you to websites like , http://www4.megaav-soft74.co.cc, etc.
- The .php files located on the server have the same “last modified” date and approximately the same time.
<script src="http://myblindstudioinfoonline.com/ll.php"> </script>
<script src="http://theblindstudioinfoonline.com/ll.php"> </script>
If Your Blog Is Infected By This Malware
You really need to calm down (like I did :D) and just follow the below mentioned basic steps.
- Just stay calm and run a virus scan on your computer to make sure it is not infected.
- Use a maintenance plugin and make your site inaccessible so that your visitors won’t be infected with this malware.
- Change the password for FTP and WordPress.
- Try this simple solution to remove all the malware.
- Remove the “eval(base64_decode(“aWYoZnVuY3Rpb….” codes from your theme files.
P.S. It is recommended to use the latest version of browsers.
Google’s Safe Browsing Report
According to Google’s Safe Browsing report,
If you are facing serious issues, then contact GoDaddy or Security service like Sucuri.
Want to discuss your queries and interact with experts? You can connect with HellBound Bloggers (HBB) Facebook group for free!
Join HellBound Bloggers (HBB) and get Instant Updates. We'll also notify you with Great Deals, Discounts and other Interesting Tips. We won't SPAM or SHARE your Email Address with anyone.
YOU CAN ALSO SEARCH FOR YOUR DESIRED TOPICS:
Thank you for reading! We welcome and appreciate your comments, but at the same time, make sure you are adding something valuable to this article. If you have any serious queries, suggestions or anything related to this article, feel free to share them, we really appreciate that.
But, if your blog comments are a random "Thank you", "Useful Post", or anything that doesn't actually upscale the article, then we'll be removing them and it won't be appeared below. Thanks for understanding and thanks for connecting with us. If you want to give us any feedback or report any errors, you can kindly contact us and we'll revert back soon.
- Facebook Comments
27 CommentsFacebook Comments