GoDaddy: Hackers stole source code, installed malware in multi-year breach

I'll never use GoDaddy. They've been fronting their customers for literally decades. Few times I searched for a domain, the next day I search for it find it already reserved by them and on sale for hundreds of dollars instead of the regular $10 it was the day before. They've been abusing their power for as long as they've been in business.

&gt; A GoDaddy spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today<p>This is just a sign of GoDaddy&#x27;s complacency. I use Godaddy for domain registrations only. Yet I had my account taken over with a sim card attack&#x2F;swap and they spent so long to fix the issue that domains where transfered without locking.<p>Web Hosting, particularly &#x27;shared&#x27; hosting is extremely prone to regular banal attacks and requires extreme constant attention, customers less tech savvy would choose it for the very reason they know the Godaddy name, they&#x27;re expecting them to look after the tech work.<p>A Multi-Year breach is an incredible display of incompetence and neglect. I have no idea what the security&#x2F;monitor team are doing there but someone definitely dropped the ball, especially given the fact they admit that the 2020 break was related. It should have been and open and shut case from there.

This might solve a big mystery for me.<p>When I first set up my company&#x27;s website it was hosted at GoDaddy. Totally static site. It got &#x27;hacked&#x27; one day, with new php files and redirecting users to some nonsense. This was August 2016. The ftp server had a very long, random password. I changed it again after this.<p>It happened *again* March 2017, though different files were added. After this I moved my site to Digital Ocean.<p>I never found out how this happened.<p>Does anyone know how long this has been going on? The article didn&#x27;t give a definitive start date.

Long long ago, I needed a new website hosted and with no other decision towards the host than I had never tried GoDaddy, I gave it a shot. Within hours, I regretted the decision immensely. In comparison to my previous hosting experiences, it just pissed me off at almost every turn. It was the first time I experienced a company trying to make the interface for non-techy types and made getting to the guts of the tech hidden behind many layers that just frustrated me to no end. I canceled my account and have never looked back.<p>It is just another one of the examples of a company that advertises that intensely is probably a company I don&#x27;t really want to be involved.

<p><pre><code> &quot;We have evidence, and law enforcement has confirmed, that this incident was carried out by a sophisticated and organized group&quot; </code></pre> I like how they try to hide their incompetence with bullshit

What a disgrace of a platform. I&#x27;d understand dropping a c99 on a cPanel back in early 2000s but these days? What are the engineers doing at the company, collecting a paycheck and pretending to do work?<p>Speaks volumes for the culture being cultivated at GoDaddy.

Wow, multi-year is truly embarrassing. Hosts being compromised is the the worst case scenario because the attacker can decide who to serve the malware to in a spearphishing fashion.

I hate blaming the victim, but so much bad press had come out against GoDaddy it&#x27;s like complaining that the bear hurt you when you went into it&#x27;s den and disturbed it.<p>Friends don&#x27;t let friends use GoDaddy.

I am not surprised at all. Maybe 7 years ago I got called in to clean up a website &quot;hack&quot; where the site had a bunch of malicious JS on it. Site was hosted on GoDaddy.<p>Pulled the site down locally and started the regular process of find&#x2F;remove, but nothing was showing up. Hosting the site locally, the JS wasn&#x27;t being put on the page. Checked all the server files for stuff like php.ini, user.ini, etc etc. Nothing was showing up.<p>Created a plain info.php file on the account. That had the JS injected into it.<p>Started searching for other sites with the same JS, found a bunch, dozens. Started a search for &quot;neighbor&quot; sites to the one I was investigating, ones that most likely were on the same server. They ALL had the JS injected. Server was owned.<p>I alerted the client and sent a note into GoDaddy, like you need to check this out. Got a response that it was impossible for the server to be compromised and I should buy their Sitelock service for security. Instead we requested a migration to another server and that cleared up the issue.

I honestly can&#x27;t believe this company is still in business - it&#x27;s been terrible for decades.

Anyone want to recommend their favorite alternative web hosts?<p>I&#x27;ve tried A2 and NameHero and both were very solid along with fast&#x2F;great support.<p>Anything else I should look into?

I feel bad for the hackers that now need to read through GoDaddy&#x27;s code...

So was this a breach of cPanel that therefore could affect other providers that use cPanel?

Godaddy. One of the most horrible companies. Always was. Bob Parsons is a sad individual with many lovely quotes attesting to that fact. Hope this ends them.

I feel like this may be the same case at PayPal too. Identity theft and random emails were not even intended for me was my experience.

GoDaddy is a very complex thing. And bugs lurk in complexity. No wonder.