WHID 2007-76: A large web hosting firm inflicted by mass malware installation

The Washington Post ran a story about a large scale infiltration to IPower, a major hosting provider. According to the story and the following comments, it seems that the problem is plunging IPower for a long time without being resolved. Put in perspective the PlusNet incident which was serious but swiftly handled and publicly acknowledged by the company.

Actually the problem is so dominant that a recent StopBadware report lists Ipower as by far the most Malware infected hosting company. Reports mention that the problem started as early as mid 2006.

The root cause of the breach here is mentioned as being a vulnerability in either Apache, PHP or cPanel. I have selected the third as being more probably until further evidence materialize.

Additional information:

Cyber Crooks Hijack Activities of Large Web-Hosting Firm [Washington Post, May 23 2007]
StopBadware.org Identifies Companies Hosting Large Numbers of Websites That Can Infect Internet Users With Badware [StopBadware, May 4 2007]

Attack Method:

Known Vulnerability

Incident Outcome:

Planting of Malware

Add new comment

WHID 2007-76: A large web hosting firm inflicted by mass malware installation

Science or Religion?

Further Research

Presentations

You are here

WHID 2007-76: A large web hosting firm inflicted by mass malware installation

Science or Religion?

Further Research

Presentations