Support » Requests and Feedback » WP exploit?

Viewing 7 replies - 1 through 7 (of 7 total)
  • Moderator Ipstenu (Mika Epstein)


    🏳️‍🌈 Halfelf Rogue & Plugin Review Team Rep

    it’s a server hack, not WordPress.

    Change your passwords, for wordpress AND your server itself, including SQL. Look into hardening WP, but also contact go daddy about securing your server itself.

    Thanks for the info! The GoDaddy reps thought it was WordPress, but I was leaning towards a GoDaddy issue (especially since the files were created by root).

    Moderator Ipstenu (Mika Epstein)


    🏳️‍🌈 Halfelf Rogue & Plugin Review Team Rep

    Hah, yeah, if the files are created by root, then it’s a server hack, and tell the reps to escalate.

    Sadly, GoDaddy can be pretty dense about that stuff.

    I checked a bunch of sites the sites that were listed to be compromised on the same GoDaddy servers as myself, and some were running Drupal or Joomla instead of WP. So I’m even more certain that GoDaddy did something wrong and WordPress is still awesome!

    Go Daddy


    Go Daddy Support


    Just wanted to post a quick update regarding this. It is something we’re aware of and was not centralized to WordPress users or Go Daddy. At this time all issues regarding this should be resolved and content restored. Be sure to let our support team know if you’re still seeing issues with your account so we can assist in addressing them. We’ve posted further details on our site through the following URL:


    If you’re still experiencing issues, take a look at this post:

    There is a script to fix if this is the attack that is affecting you.

    Thanks for the info! So iSKORPiTX could be doing all of these mass defacements on hundreds of different servers via the GLibC exploit?

    Sorry for jumping to conclusions that it was specifically GoDaddy’s fault!

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘WP exploit?’ is closed to new replies.