Hundreds of Go Daddy sites hacked, redirected to malware

It looks like no one on the internet is immune to foul play, not even hosting company Go Daddy. It was reported today that hundreds of the company’s sites were compromised. Visitors coming to those sites from search engines were redirected to a page containing malware.

Hundreds of Go Daddy sites hacked, redirected to malware

Cnet talked with Todd Redfoot, chief information security officer at Go Daddy, who gave some details on the intrusion.

“Wednesday, Go Daddy’s Security Team detected that approximately 445 hosting accounts were compromised. The accounts were accessed by using the account holder’s username and password.”

Considering Go Daddy hosts some 5 million accounts, 445 impacted sites isn’t a huge number but if your account was among those hacked it’s not exactly a comfortable feeling.

Redfoot assures customers that this isn’t an ongoing issue and that the problem was identified and fixed the same day.

“We are still investigating the issue, but so far our security team is confirming this was not an infrastructure breakdown and should not impact additional customers,” he said. “We quickly removed the malicious code and went to work to assist each of our customers to address the issue.”

Go Daddy still hasn’t figured out how user names and passwords were obtained though Redfoot speculated to Cnet that it could be malware like key loggers or potentially an email phishing scheme. He went on to explain that he didn’t see any trend in the types of sites that had been compromised which gives some credence to the idea that phishing or malware was the cause.

If a visitor was to attempt to access any of the compromised sites via a major search engine they were immediately redirected to another site that attempted to install malware on the user’s computer. Redfoot did not detail the exact type of malware or the site that was being redirected to.

While it’s not fantastic that this happened, Go Daddy being upfront about the attack and immediately jumping in to solve the problem is reassuring. Hopefully their users will be extra vigilant about phishing or malware in the wake of this.