Hundreds of Go Daddy sites were compromised to point towards a site hosting malware last weekend.

The mass hack of around 445 sites involved the injection of hostile code into the .htaccess files of the sites. Go Daddy quickly removed the hostile code before working with its customers to take back full control of the sites, which were reportedly compromised by a password hack.

Go Daddy’s chief information security officer, Todd Redfoot, told Domain Name Wire: “The accounts were accessed using the account holder’s username and password.”

It’s unclear how the passwords needed to pull off the attack were obtained, but some sort of targeted phishing attack is one likely explanation. Go Daddy’s investigation into the attack continues but Redfoot suggested the blame for the mass hack was outside Go Daddy’s control.

“This was not an infrastructure breakdown and should not impact additional customers,” he said.

Web security

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2011/09/19/go_daddy_mass_compromise/