Hackers exploited an unknown cPanel vulnerability to break into HostGator servers and plant malware on hosted sites.
Reported:
01 January 2008Occurred:
23 May 2007
Classifications:
- Attack Method: Known Vulnerability
- Country: USA
- Outcome: Planting of Malware
- Software: cPanel
- Vertical: Service Providers
The Washington Post ran a story about a large scale infiltration to IPower, a major hosting provider. According to the story and the following comments, it seems that the problem is plunging IPower for a long time without being resolved. Put in perspective the PlusNet incident which was serious but swiftly handled and publicly acknowledged by the company.
Actually the problem is so dominant that a recent StopBadware report lists Ipower as by far the most Malware infected hosting company. Reports mention that the problem started as early as mid 2006.
The root cause of the breach here is mentioned as being a vulnerability in either Apache, PHP or cPanel. I have selected the third as being more probably until further evidence materialize.
References:
This work is licensed under the Creative Commons Attribution License. To view a copy of this license, visit http://creativecommons.org/licenses/by/2.5/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.
