Go Daddy has released another statement about the bibzopl.com malware that has been infecting some Go Daddy hosted websites. The most recent statement continues their misinformation about the issue, while claiming that they are a “target for speculation and misinformation”.
The largest piece of misinformation is that the cause of the malware is outdated software, whether WordPress, as Go Daddy first blamed, or other software. The malware has infected websites running up-to-date software and websites not running any web software. As we have explained since February, the malware infects files with the .php extension. Many pieces of web software use .php files, which possibly led to Go Daddy’s most recent inaccurate identification of the issue.
In their most recent statement Go Daddy claimed that “both the prevention and the cure are not under” their control, which is not true. The infection is due to an issue within Go Daddy’s systems. They are the only ones that can discover and fix the issue.
There has also been misinformation that the malware has infected websites not hosted on Go Daddy. What seems to be causing confusion is that some people are unaware that there are many different hacks and pieces of malware out there, and they are not all related. The binglblats.com malware, which has been infecting Network Solutions hosted websites due to security issues they have, and which has been claimed to be the same, is unrelated. The vast majority of hacks and malware are due to passwords compromised by password-stealing malware on computers, outdated software, SQL injections, and other issues that have nothing to do with hosting providers. This malware has only infected Go Daddy hosted websites.
Here is Go Daddy’s entire statement:
Go Daddy Cares! Here’s some info…
We do take our position as an Internet leader seriously, especially when it comes to security. This is why we are going the extra mile to get the word out. We appreciate your invitation to answer the question, ‘What is Go Daddy doing to help?’
As the world’s #1 Web host provider, Go Daddy is a logical target for speculation and misinformation. With this exploitation issue, both the prevention and the cure are not under our control — because the customer decides whether to update the software they run. (If you think about it, it’s like forgetting to lock your car and blaming the auto manufacturer when your car is stolen.) Our job is to help identify issues and inform our customers about how they can protect their sites.
This is why we are working to proactively communicate and educate Internet users about this situation.
Here are a few of the initiatives we have going right now.
As a service to our customers and all Internet users:
- Go Daddy scanned our 4M hosted sites to identify sites impacted (we did this immediately upon learning about the issue last week, and again over the weekend).
- Contacting Go Daddy customers impacted by phone and/or email to let them know how to protect their sites (in some cases, we’ve alerted them even before they realize they are impacted).
- Go Daddy is also taking the leadership role with educational communication — posting Help Articles to our Community & Customer Service pages to provide “1,2,3 Info” on how to properly update software.
We’ll update the Help Articles as needed and also be posting another Help Article with actual illustrations/screen shots to make the security update process easy for even the most remedial of Web users to follow.
Phil Stuart
Go Daddy Communications