After an “extensive investigation”, Go Daddy today released a statement with their findings about the bibzopl.com malware that has been infecting some Go Daddy hosted websites beginning in February. They claimed the malware infection is due to users running an outdated version of WordPress that have been “set up in a particular way”. This information is inaccurate as the malware has infected websites that are not running WordPress and websites running version 2.9.2 of WordPress. The malware infects files with the php extension. Since WordPress uses .php files and is the most popular content management system, a lot of the websites infected have been WordPress based. This possibly led to their inaccurate identification of the underlying issue that caused the websites to become infected. If Go Daddy does not discover and fix the actual underlying issue, websites could again be infected with malware.
Here is Go Daddy’s entire statement:
WordPress is a-ok. Go Daddy is rock solid. Neither were ‘hacked,’ as some have speculated.
After an extensive investigation, we can report there was a small group of customers negatively impacted. What happened? Those users had outdated versions of the popular blogging software, set up in a particular way.
This underscores the importance of installing the latest Web applications, no matter where you are on the Internet. If you use Hosting Connection, automatically update WordPress to version 2.9.2 using the simple 3-step update offered when you log-in.
And, while we’re on the topic of Web security and Best Practices – be sure all your online passwords are unique, secure, and in a safe place.