In an interview Tuesday, Go Daddy’s Chief Information Security Officer Todd Redfoot claimed that the bibzopl.com malware that has been infecting some Go Daddy hosted websites was due users with outdated versions of WordPress installed in their account, which were exploited. Last Friday Go Daddy made the same claim, but by Monday they were claiming that issue was with users running outdated software, not just WordPress. In our contact with them they made they stated that it was not WordPress specific. There was no explanation for the most recent change in the claimed source of the infections.
The malware has infected websites and accounts that did not contain WordPress installations, and websites and accounts that only had WordPress installations running the latest version. There is no reason they should be unaware of this because they claimed to have “scanned our 4M hosted sites to identify sites impacted”, we have mentioned this information in our contact with them, their clients who do not have WordPress installations have been contacting them about the malware, and there are many comments on the Internet from their clients who do not have WordPress installations.
Mr. Reedfoot also stated that Go Daddy first spotted the “attack” on May 1, but the malware infections actually began in February and began to infect a large number of websites in April.
Go Daddy’s continued attempts to deflect the blame for issues within their own systems will not solve the issue. If they do not discover the actual underlying issue and fix it, websites could be reinfected with malware.