Sign in / up

back to article Network Solutions customers hit by mass hack attack

Network Solutions' security team is battling a mysterious attack that has silently infected a "huge" number of the websites it hosts with malicious code. The mass compromise affects sites running WordPress, Joomla, and plain-vanilla HTML, according to reports here and here from Securi Security and Stop Malvertising. Many of the …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. Quxy
    FAIL

    Overpriced and lousy security

    Since ICANN, there's been no reason to use NSI as a registrar; and they've always been a poor choice for web hosting. Security breaches seem to be routine over there; and they confess that they still don't know how 600,000 names/addresses/CC# were stolen from their "secure" servers last summer.

    0 0
  2. Matthew Anderson

    oh dear

    My websites bring me in a healthy chunk of cash. I know what I would be doing if I was a network solutions client and it doesn't involve buying them an xmas card..

    0 0
  3. OrderZero
    Stop

    Failure

    Why would people continue to do business with this company after so many breaches do people simply not care about their privacy anymore?

    In any event I recently was hired as a freelancer to remove a message popping up in browsers that said "Malicious site" I poked around, yes it's Wordpress (not publicly vulnerable nor privately as far as I'm aware) and soon afterwards I saw the host and knew immediately how it happened. It was a simple iframe pointing to a blank page containing javascript highly obfuscated but when deobfuscated led to a familiar drive-by exploit It's a shame that a company this large is so insecure.

    0 0
  4. Anonymous Coward
    FAIL

    The servers are

    only as secure as the code that's on there. If you're running old code, expect your site to get done over from all the exploits that you're allowing. Most people simply upload Wordpress or Joomla or something, and think that's all they need to do. They don't bother securing it, they never bother updating it, and they use untrusted unofficial third party modules that have exploits in them.

    Then they come crying to anyone and everyone when their site gets compromised, instead of taking the responsibility themselves for not knowing what they're doing.

    It doesn't matter how idiot proof you make scripts or servers, there's always a bigger idiot out there.

    0 0

  5. This post has been deleted by its author

This topic is closed for new posts.