Early this morning a new variant of the bibzopl.com malware, this variant calls a JavaScript file from holasionweb.com, infected a large number of Go Daddy hosted websites. By this morning their PR department had already contacted us again, with continued misinformation about the issue. If they eventually decide to work on discovering and fixing the underlying security issue, instead of running a PR campaign that claims they are secure, the websites would stop getting reinfected.
Go Daddy continues to claim, when not claiming the issue is due to outdated WordPress installations, that this malware is due to “Individuals running outdated applications and software”. As we have posted before , and Go Daddy is well aware of, the malware has infected websites running up to date software and websites not running software.
If you are Go Daddy customer who has been infected and is running updated software, we would be interested to know what response you have received from Go Daddy about this issue.
Well I know my response… I left them so fast the door didn’t hit my ass on the way out.
All my personal sites and client sites were 100% up-to-date (WordPress core and plugins!) and despite submitting numerous tickets regarding the exploits, I received the same canned response – that it was because my software was out of date!
This is nothing but an epic security and customer service FAIL on their part.