Using a new, undiscovered security hole, hackers compromised all of HostGator’s servers and inserted trojans into their clients’ websites:
HostGator says hackers compromised its servers using a previously unknown security hole in cPanel, the control panel software that is widely used by hosting providers. “I can tell you with all accuracy that this is definitely due to a cPanel exploit that provides root access and all cPanel servers are affected,” said HostGator system administrator Tim Greer. “This issue affects all versions of cPanel, from what I can tell, from years ago to the current releases, including Stable, Release, Current and Edge.”
This comes after the last mass defacement of 650 websites, which happened in just a single day. Is it just me, or is the so-called “stable and secure software” becoming increasingly insecure with each passing day? Are we supposed to switch to Windows (Plesk)? Or just buy hosting packages without cPanel? Or actually learn to secure cPanel better?
PS: This is a LIVE VML infection video of what happens to a workstation when it visits an infected website (like HostGator’s hacked websites):
After we visit the infected site, we log into a PayPal account to show you an example of the information that can be stolen. This keylogger operates by indiscriminately capturing the entire contents of EVERY web form on any page — all data entered into your financial, webmail, and Intranet sites can be captured. We added some commentary to the end of the video to provide a brief explanation of what happens behind the scenes.
Read the whole article on Netcraft.