In a recurring pattern, GoDaddy-hosted sites running PHP applications may be under attack again as hackers inject malicious code onto their sites.
Web administrators who host their domains on GoDaddy should check their source code again for rogue code that downloads malware, according to a security research firm.
Sucuri Security updated its Oct. 30 post warning about the latest malware attacks on GoDaddy-hosted sites with another note on Nov. 3. The research company was investigating reports of "another related outbreak of exploited sites on GoDaddy," read the update.
The affected sites generally ran some kind of PHP Web application, such as Zen Cart eCommerce or popular CMS packages including WordPress, Drupal and Joomla, according to a post on GoDaddy’s blog. In a series of injection attacks, hackers were embedding malicious code into the site’s Web application, often through blog comments, according to Chris Drake, chief executive of security-conscious Web host provider FireHost.