On Friday, Go Daddy released a statement that claimed that “extensive investigation” they had determined that bibzopl.com malware that has been infecting some Go Daddy hosted websites was due to users running an outdated version of WordPress that had been “set up in a particular way”. In our post about the statement, we explained why this was inaccurate and warned that if the actual underlying issue was not discovered and fixed websites could again be infected with malware. Early on Saturday the websites were reinfected, this time the malware calls a JavaScript file from kdjkfjskdfjlskdjf.com.
By this morning Go Daddy had amended their statement. They have removed the claim to having performed an “extensive investigation” into the issue. The have also removed the claim that the malware is WordPress specific, simply blaming the infections on the use “outdated software”. This claim is inaccurate as it has infected websites running up to date software and websites not running software. As we have explained since February the malware infects files with the php extension. Many pieces of web software use the .php files, possibly leading to Go Daddy’s most recent inaccurate identification of the issue. Again, if the actual underlying issue is not discovered and fixed websites could be reinfected with malware.
Here is Go Daddy’s amended entire statement:
If you are experiencing difficulties with your site, you may be using outdated software and unknowingly hosting malware.
For easy-to-understand information on how to remove the malware and update your software, please click on our Help Article.
If you use Hosting Connection, automatically update WordPress to version 2.9.2 using the simple 3-step update offered when you log-in.
And, while we’re on the topic of Web security and Best Practices – be sure all your online passwords are unique, secure and in a safe place.