Posted by Jason Remillard on Wed, May 12, 2010 @ 02:40 PM
Thought you were safe in the forest this spring?
As reported yesterday, and now reinforced by our friends at wpsecuritylock.com, the godaddy malware infections continue to grow, and now seems to be spreading across different hosters and now targetted applications.
Not only Wordpress installs are being affected, but now Joomla and 'standard' html-based websites. This lends more credence to our initial diagnosis that these hacks are actually the result of a platform-based attack, and spreading from the 'inside'. 
More details will be released as we learn more. In the meantime, if you are affected, please follow the instructions here and/or make sure you get a free malware/vulnerability scan here.
Posted by Jason Remillard on Mon, May 10, 2010 @ 01:03 PM
As widely reported in the past few days, major hosting operations such as GoDaddy, Verisign, Bluehost and others are being subjected to coordinated attacks on Wordpress and ZendCart installations.
At this point, while everyone sorts out the mess, it is unclear about how all of them are being affected (opinion is 50/50 that is from the 'inside' - that is a major server vulnerability vs. a software vulnerability).
As with all wordpress installations, we recommend that enduser/bloggers install our free to the open-source community WP-Secure by SSM Wordpress Security Plugin.
This plugin does the basics of security that all WordPress users should be doing by default, but usually don't due to complexity or time constraints.
SiteSecurityMonitor.com provides affordable and reliable vulnerability and malware scanning services for Wordpress blogs, and all sorts of ASP/SaaS based web site solutions. SSM also offers a free onetime trial scan to all of its customers.