Re: GoDaddy fights back against a hacker attack that hit 445 web sites

[Jeffrey Walton <noloader () gmail com>]

On Sun, Sep 25, 2011 at 2:15 PM, Joel Esler <joel.esler () mac com> wrote:
> Where's the "fight back" part?
Yep, and where did the username/password list come form? And how about
the banking details siphoned?

"Forty-six states, the District of Columbia, Puerto Rico and the
Virgin Islands have enacted legislation requiring notification of
security breaches involving personal information" [1]

Jeff

[1] http://www.ncsl.org/default.aspx?tabid=13489

> On Sep 25, 2011, at 10:35, Jeffrey Walton <noloader () gmail com> wrote:
>
> > http://www.internetretailer.com/2011/09/23/godaddy-fights-back-against-hacker-attack
> >
> > GoDaddy.com Inc,... says it “quickly” removed malicious software code
> > that had infected approximately 445 of its clients’ web sites last
> > week....
> >
> > Hackers had used the usernames and passwords of Go Daddy account
> > holders to enter the protected areas of their web sites, then
> > installed software code that redirected visitors to a fraudulent web
> > site designed to capture consumer account information...
> >
> > GoDaddy did not say how many of the infected sites were retail sites.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.