Latest news of the domain name industry

Recent Posts

Network Solutions under attack again

Kevin Murphy, April 18, 2010, 22:36:14 (UTC), Domain Registrars

Network Solutions’ hosting operation is under attack for the second time in a week, and this time it’s definitely not a WordPress problem.

The company has acknowledged that it has “received reports that Network Solutions customers are seeing malicious code added to their websites”, but has not yet released further details.

Sucuri.net, which was intimately involved in the news of the hack against NSI’s WordPress installations last week, blogged that this time the attacks appear to have compromised not only WordPress, but also Joomla-based and plain HTML sites.

Last week’s attacks were eventually blamed on insecure file permissions, which enabled shared-server hosting customers to look at each other’s WordPress database passwords.

But today NSI, one of the top-five domain name registrars, said: “It may not be accurate to categorize this as a single issue such as ‘file permissions’.”

Sucuri said that malicious JavaScript is being injected into the sites, creating an IFrame that sends visitors to drive-by download sites.

It’s a developing story, and not all the facts are out yet.

But it’s clear that NSI has a public relations problem on its hands. Some customers are already using Twitter to declare that they will switch hosts as a result.

And if it’s true, as Sucuri reports, that Google is already blocking some of the affected sites, who can blame them?

Tagged: , , , , ,

Comments (1)

  1. Michele says:

    I’d wait and see what the actual cause is

    Last year there were a LOT of problems with Gumblar and its derivatives – and we still see them cropping up from time to time. Google will block sites temporarily if they are infected with malware, but you can get relisted once you clean the site

    What needs to be seen is the actual cause ie. is it something bizarre on the host’s side or something else.

Add Your Comment