Hacked HostGator Sites Distribute IE Exploit

Hackers have hijacked a large number of sites at web hosting firm HostGator and are seeking to plant trojans on computers of unwitting visitors to customer sites. HostGator customers report that attackers are redirecting their sites to outside web pages that use the unpatched VML exploit in Internet Explorer to install trojans on computers of users. Site owners said iframe code inserted into their web pages was redirecting users to the malware-laden pages.

UPDATE: HostGator says its servers were attacked through a previously unknown security hole in cPanel. See our update for the latest details.

HostGator general manager Jason Muni told Security Fix that attackers had "reconfigured an unknown number of Web sites hosted on the company's servers to redirect visitors to a third-party Web site that tried to load the IE exploit." Muni said the company reconfigured all of its 200 servers to address the problem. But as of 5:30 pm EST Friday, some HostGator customers were continuing to report that their sites were compromised and redirecting visitors, indicating the problems were ongoing.

Bank, Customers Spar Over Phishing Losses

Who should bear the cost of phishing losses: the bank or the customer? That question is at the heart of a recent dispute between the Bank of Ireland and a group of customers that fell victim to a phishing scam that drained 160,000 Euros ($202,000) from their accounts. The bank initially refused to cover the losses, but has since changed its mind and credited the accounts of nine victims, who had threatened to sue to recover their funds.

The Bank of Ireland incident is one of the first public cases of a bank seeking to force phishing victims to accept financial responsibility for their losses, but it likely won't be the last. Phishing scams continue to proliferate, as Netcraft has blocked more than 100,000 URLs already in 2006, up from 41,000 in all of 2005. Financial institutions continue to cover most customer losses from unauthorized withdrawals. But after several years of intensive customer education efforts, the details of phishing cases are coming under closer scrutiny, and the effectiveness of anti-phishing efforts taken by both the customer and the bank is likely to become an issue in a larger number of cases.

The issue of responsibility has been most prominent in the UK. In late 2004, the UK trade association for banks, known as APACS, began warning that financial institutions may stop covering losses from customers who have ignored safety warnings. That stance is reflected in the group's statement on customer protection.

DataPipe Accepts $12M Investment

Managed hosting provider DataPipe announced Tuesday that it has secured a $12 million private placement investment, and will use the funding to buy additional data center space. The funding continues a period of strong investor interest in the hosting sector. The first half of 2006 saw a flurry of acquisitions involving major hosts and domain registrars, and investment bankers say the industry is also attracting private funding from investors wanting to participate in the industry's growth.

The New Jersey company said its recent growth has prompted a global expansion. The first deal is close to home. "We have purchased a 36,000 square foot facility in central New Jersey," said Robb Allen, founder and CEO of DataPipe. "We are in the process of upgrading the infrastructure to meet the standards required of a Tier 4 facility (the highest rating under an industry standard from The Uptime Institute)." Allen said DataPipe expects to begin installing clients in the new data center in the first quarter of 2007 and expected to announce further data center acquisitions in the near future.

OpenSSL Vulnerable to Forged Signatures

Security researchers have demonstrated a way to forge digital signatures that can fool the OpenSSL software used in many secure web servers and virtual private networks (VPN). The OpenSSL Project has issued patches to address the weakness, and is urging users to upgrade or install the patches.

The signature forgery technique was first demonstrated by Daniel Bleichenbacher, a cryptographer at Bell Labs, at the CRYPTO 2006 conference last month. While the forgery only works on specific keys (known as PKCS #1 v1.), these keys are used by some certificate authorities in SSL server certificates.

Three Hosters Share Most Reliable Hoster in August

Ranking by Failed Requests and Connection time, August 1st - 31st 2006

The world's largest web host is also the best performer this month, as 1&1 Internet ties with Rackspace and New York Internet as the most reliable hosting company site for August 2006. The home pages for all three providers were perfect for the month, with no downtime and no failed requests.

This month's leaderboard provides an interesting contrast, demonstrating that hosting customers can find good network connectivity at either end of the hosting spectrum. 1&1 is one of the cheapest providers, offering shared hosting accounts starting at $2.99 per month, while New York Internet and Rackspace are managed hosting specialists that provide custom pricing.

Rackspace has been the most reliable host four times this year, while NYI has topped the list or tied for first on three occasions. 1&1, which hosts more than 3 million active sites, previously led the rankings in May 2005.

Seven of the 10 most reliable hosters run their sites on Linux, while two use FreeBSD, and one Windows Server 2003.

September 2006 Web Server Survey

In the September 2006 survey we received responses from 96,854,877 sites, an increase of 4.2 million (4.3%) from last month's survey. This continues the accelerated pace of Internet growth in recent months, as the survey has gained 15.5 million sites since June.

Growth is being driven by two trends: the popularity of blogging services, and the heated battle between Microsoft and Google for new users for their web platforms. Huge growth continues at Windows Live Spaces, Microsoft's free blogging/networking service, which added 1.3 million hostnames last month. Google had a gain of 459K hostnames, primarily at Blogger, its free blogging service.

Significantly, the free hosting offerings appear to be attracting new users. In the first five months of the year, the Internet added an average of 2.75 million new hostnames per month. Since June, that average has more than doubled, to 5.4 million sites per month. The number of new sites created will always exceed the net monthly gain, as some sites are discontinued or see their domain names expire.

The recent gains at free services have begun to outstrip growth at paid web hosting providers. It may seem unfair to compare free and paid hosting, and the markets attract different kinds of users. Nonetheless, the success of these services in recent months represents a growing challenge to traditional hosts, especially as they gain usage among small businesses, typically a key target market for paid hosting.

The large growth at Microsoft continues to influence the market share for web server software. Microsoft gains 1.1% share this month, while Apache declines by 0.9%.

Total Sites Across All Domains, August 1995 - September 2006

Graph of market share for top servers across all domains, August 1995 - September 2006

Top Developers

Developer   August 2006   Percent   September 2006   Percent   Change
Apache      57906817      62.52     59699872         61.64     -0.88
Microsoft   27905439      30.13     30272249         31.26      1.13
Zeus        521619        0.56      515670           0.53      -0.03
Sun         344862        0.37      345834           0.36      -0.01
