VoIP Tech Chat

Patrick and Fred Chat… sometimes about VoIP

Rackspace WordPress Sites Under Attack

3 comments

Fanatical Support

Got Rackspace? Got WordPress? If so… you may just have a problem.

We’ve been getting calls today from Rackspace clients (hosting WordPress sites) that have been compromised similarly to the GoDaddy hack a few weeks back. The Unmask Parasites Blog has an excellent article on the attack posted on their, well, their blog.

There are some huge sites that have been hit, and some not-so-large as well (we personally were hit by an earlier attack). In the “Is Cloud the answer” debates, this will surely become an example of how a compromise in the cloud, can devastate an entire farm.

Update 6/19/2010

Shortly after this article was initially posted, Rackspace via their Rackcloud Twitter account posted the following message:

Rackcloud advised that the reports were inaccurate and details would follow...

Reports, schmeorts.

Of course… details never came. I tweeted them myself (Oh no you didn’t… Oh yes I did):

Show me the money.

Show me the money.

At this point, they haven’t replied to my request or posted any additional information on their twitter account. I think they moved on… the next day they were more interested in talking about how “Cassandra by Example translated to Japanese!”

Also, one day… one day I’ll spell check my tweets. Until then, read at your own grammatical risk.

Read more:

http://blog.unmaskparasites.com/2010/06/14/attack-on-wordpress-blogs-on-rackspace/

Written by Fred

June 15th, 2010 at 12:39 pm

Posted in tech

Tagged with , ,

«
»

3 Responses to 'Rackspace WordPress Sites Under Attack'

Subscribe to comments with RSS or TrackBack to 'Rackspace WordPress Sites Under Attack'.

  1. In response to “In the “Is Cloud the answer” debates, this will surely become an example of how a compromise in the cloud, can devastate an entire farm.”, I’d like to point out that there’s nothing about this attack specific to a “cloud” environment. If it did come through an outdated phpMyAdmin install as some think any environment with shared database servers (cloud, shared hosting, and many VPS providers) would be equally vulnerable. Even if you’re running it yourself on your own private servers forgetting to do your apt-get update/upgrade regularly would lead to the same vulnerability.

    Sean Harlow

    15 Jun 10 at 1:14 pm

  2. Got Rackspace? Got WordPress? If so… you may just have a problem. http://bit.ly/rackspacewp

    Fred Posner

    15 Jun 10 at 5:42 pm

  3. Update posted to Rackspace article on VoIP Tech Chat re their response and non-response. http://bit.ly/rackspacewp

    Fred Posner

    19 Jun 10 at 7:00 pm

Leave a Reply