

GoDaddy out of control - Sites hacked again - fseek
http://blog.sucuri.net/2010/05/continuing-attacks-at-godaddy.html

======
fseek
I am definitely moving away from GoDaddy. I had some small sites on their
shared servers that just got hacked again..

If you are not following, this is the 3rd mass hack at godaddy in just a few
weeks:

[http://smackdown.blogsblogsblogs.com/2010/05/13/hosting-
with...](http://smackdown.blogsblogsblogs.com/2010/05/13/hosting-with-godaddy-
might-want-to-rethink-that-decision/) [http://blog.sucuri.net/2010/05/found-
code-used-to-inject-mal...](http://blog.sucuri.net/2010/05/found-code-used-to-
inject-malware-at.html)

------
sucuri2
These attacks are being done by the same group. In the last few weeks, they
used:

http :// www.indesignstudioinfo. com http :// zettapetta. com http ://
holasionweb. com http :// www. losotrana. com

All of them registered by the same person (and hosted at the same IP). I had
my share of problems with GoDaddy, but let's not forget that they are victims
as well.

~~~
kevingadd
I would suggest changing those so they aren't active hyperlinks.

~~~
sucuri2
Good idea, fixed.

------
kristofferR
It common knowledge that shared servers at GoDaddy never have been anything
better than average, but a lot of people think that GoDaddy still is the place
to go for domains. Trust me, there are a lot of better options out there.

I really like <http://www.internet.bs>

Their domains are the among the cheapest on the internet (7.15$ with free
privacy settings, Godaddy would take over 20$ for the same offer), they have
great support, a great API, and a simple (although ugly) website/domain
registration process. GoDaddy on the other hand, has a completely bloated UI
designed into tricking you into buying a lot of junk that you don't need.

~~~
sireat
Thing is, GoDaddy domains are similarly cheap if you use the widely available
coupons. My last renewals were around $7. I am pretty sure no one is disputing
bloat on GoDaddy UI... even Bob Parsons.

That said, Namecheap is another good registrar, which I have had occasion to
use.

~~~
tdupree
It seems just about any choice is better than godaddy. I have found 1and1 to
be pretty decent. Private registration, decent control panel, and around $7 as
well.

------
oscardelben
I'm not surprised. I use godaddy for hosting domain names but their interface
seems really complex. This makes me think that they have an even more complex
infrastructure with possibly many holes. It's also possible that they don't
have yet fixed the issue because of internal bureaucracy.

~~~
eli
<http://twitter.com/hotdogsladies/status/1553046234>

------
vegashacker
Headline should be edited to "GoDaddy sites hacked again."

------
eli
Is it possible that some group is just targeting GoDaddy-hosted blogs for
attack, or is it definitely a failure in their shared server security?

------
sireat
I had a friend who was hosting at a relatively small ISP who got attacked
similarly. Luckily, those attackers were very clumsy and broke HTML in process
(didnt close tags properly), making detection very easy.

I was researching a bit on how these attacks are done, but still not sure on
details.

Someone gains root on host machine and then gets to the individual instances?

------
drivebyacct
The fact that HN users use GoDaddy for hosting is... well let's just say it
challenged some of my lofty assumptions about the intelligence of HN users.

