For nearly all of Sunday, InMotion Hosting's website customers were showing a hacked web page . It was not just a server hack, actually their whole data center was hacked. The perpetrator replaced every index file in every major directory of every account including the provider’s official sites. That could have affected as many as 70,000 websites.
The attack was first noticed about 4:00am EDT. Fortunately, this hack attack only displayed some unsophisticated art work and played a rap song.
This appears to be the same hacker who was previously successful with their attack on Google. The Hacker News interviewed the supposed Bangladesh perpetrator, TiGER-M@TE. They claimed to be hacking since 2007, working alone, and only using private exploits and zero-day attacks.
The fix this time was relativity simple. InMotion tech support said early Sunday morning, “you may upload your index.php files to correct this. You may need to do this for each directory. If your site uses an index.html or index.htm, you will need to upload those files, then delete the index.php.”
As of 6:00pm EST InMotion Hosting provided an update:
“Our systems’ team continues to work on the vps and dedicated clients and repairing the defaced index files. The system to counteract the hack has been built and is in its final testing. We really apologize for the delay, the system for working with vps and dedicated platforms are more complicated.
We also have brought in just about everyone on our T2S team. Once the vps and dedicated automated repair is complete, they will immediately begin work on servers that need additional help.
Currently, [xxxxx] is disabled on all platforms as we evaluate the situation and apply patches to the security problems that allowed this to occur. We should be able to enable access later today after running our final checks. FTP access is still available though.
Best Regards, The InMotion Hosting Team”
We appreciate one of InMotion Hosting customers calling about the attack. They prefer to remain unnamed for obvious reasons.
John M. Guilfoil, Blast Magazine's editor-in-chief, commented on the attack this way: “While we can respect TiGER-M@TE’s abilities, we are disappointed that our websites were hit. What truly concerns me, however, is that InMotion Hosting appeared woefully unable to prevent or defend against this kind of attack, even though homepage defacements have been going on seeming[ly] forever. We will consult with InMotion on Monday and plan to press the company to be more proactive in its security if InMotion values its customers.”
If one of the largest web hosting companies can be hacked, then just about anyone can be a target. BSN* does not use InMotion Hosting services.
© 2009 - 2013 Bright Side Of News*, All rights reserved.