NEWS Spammers hijack 1000s of domains exploiting a vulnerability in Godaddy's DNS setup process

  • Dear DNForum.com user. We have been forced to alter your password in order to maintain your account security. This process can take up to 24 hours.

    There have been attempts to access accounts that are from 2014 or older and therefore we have seen it necessary to do a hard reset of all user passwords.

    If your current password does not work, please use the following link to reset your password
    https://www.dnforum.com/lost-password/

    If you encounter any issues please contact us via the contact form here:
    https://www.dnforum.com/misc/contact

    We are actively investigating this issue and will update you on any progress we make. While this process is ongoing server response times might be sluggish and certain features, like advanced search, will be unavailable. We are very sorry for this inconvenience but it is necessary to protect your account.

    Best Lars AKA Castion

Castion

Managing director of DNForum.com
Staff member
Administrator
Moderator
Exclusive Member
Registered User
May 9, 2006
1,135
675
CPH
banner
#3
Wow indeed. I only heard of this today, Godaddy did a pretty good job of not making this a big story.
 

onlinetv

Platinum Member
Registered User
Sep 22, 2007
180
8
Spain
www.onlinetv.com
#5
I have only one website under the godaddy dns services. They gave me the free website because I was a pro reseller. At first I hosted the site I use to sell domains. It was hacked in a couple months. Simple wordpress site. Somehow they hacked right in and took over the whole deal placing a gay porn site on it. The web site got banned on all services because of the malware on it. It took me days to clean it up. I still have their source in a zip file. I did nothing with the site for a long time and then I hosted another game site, selling weather prediction devices, as it was basically a one page site that did sales. It too was hacked within a couple months, and that was this year! I cleaned up the site, remade it new, and locked it down with every trick I knew and new tools. It still uses their dns servers, but it has been okay since renewed and locked down. No users, no rss feeds, nothing for interaction. It should just be an html site but you can strip most of the interaction stuff out of wordpress if you want and it is a good CMS. When the seconds hack came there I knew it had something to so with GoDaddy and not the software. I have 100 other sites on other hosts, and through the years many, many hosts. Never had this kind of problem, never hacked, until one under godaddy. If you use them BEWARE and watch your site closely. They are really big and that is the reason they are a big target.
 
Likes: Mr. Deleted

Mr. Deleted

DNForum.com
Staff member
Moderator
Exclusive Member
Jul 24, 2004
4,007
433
Planet Earth
slabaugh.com
banner
#6
I have also been hacked on Hostgator and they are big, but also I am not sure what the deal was, but some host I had with Phpbb forums and they kept getting hacked all the time. That software was just not secure at all. And then I tried for 2 weeks to move my sites from HostGator to another host, and they noticed ONE adult domain and in an hour or so I was offline, permanently suspended. I still have the files so I can move my sites again, but I wanted off Hostgator, so now I am not sure what to do. Any cheap good plans out there?
 

onlinetv

Platinum Member
Registered User
Sep 22, 2007
180
8
Spain
www.onlinetv.com
#7
I have also been hacked on Hostgator and they are big, but also I am not sure what the deal was, but some host I had with Phpbb forums and they kept getting hacked all the time. That software was just not secure at all. And then I tried for 2 weeks to move my sites from HostGator to another host, and they noticed ONE adult domain and in an hour or so I was offline, permanently suspended. I still have the files so I can move my sites again, but I wanted off Hostgator, so now I am not sure what to do. Any cheap good plans out there?
I have had great experience with Hostgator, they are big and cheapest of them. The hack? Oh yeah that phpbb is a pistol! I was hacked on that several times before I gave it up. I dont know why it is such a big target but everytime I used it, it got hacked.
I had a problem only two times with Hostgator. Once because I had a conspiracy site and some idiot complained. They told me to get that site off the account and the account would not be suspended. I had been with them about 8 years at that time so they were kind to me. I moved it to free hosting for freedom of speech sites.
Also left Hostgator when they would not give out the free SSL, about 2 years ago, and went to Dreamhost because Hostgator only offered paid options. After a year and a half they realized they have to offer the free ssl so I returned. Dreamhost is okay if you know UNIX or its' derivatives. The sites respond slower and they bug you constantly to upgrade to your own server, but they are okay.
I would talk to Hostgator and work it out (I had a site that was used for "escorts" and they did not seem to bother but maybe never noted it. They really have the best for your buck. and Find something else instead of phpbb! It seems it is a hacker magnet for some reason.