Criminals Hijack Large Web Hosting Firm
IPOWER declined a phone interview for this story. But the company acknowledged in an e-mail that "over the past three months our servers were targeted. We take this situation very seriously and a diligent cleanup effort has been underway for many months already. We saw the StopBadware report on the day it came out and went to download the list to sweep it as quickly as possible. By looking at the list, it was evident that our cleanup efforts were already helping significantly. By the time we downloaded the list, there were already over a few thousand accounts less than what they claimed in their report."
IPOWER said the site hacks "came from a compromised server hosted by another company that was listed on the Stopbadware.org Web site. This impacted a higher percentage of accounts on each of these legacy third-party control panel systems."
The company claims to have more than 700,000 customers. If we assume for the moment the small segment of IPOWER servers Security Fix analyzed is fairly representative of a larger trend, IPOWER may well be home to nearly a quarter-million malicious Web sites.
And an interesting point:
An Internet service provider or Web host can take action within 48 hours if it receives a "takedown notice," under the Digital Millennium Copyright Act. The law protects network owners from copyright infringement liability, provided they take steps to promptly remove the infringing content. Yet ISPs and Web hosts often leave sites undisturbed for months that cooperate in stealing financial data and consumer identities.
There is no "notice and takedown" law specifically requiring ISPs and Web hosts to police their networks for sites that may serve malicious software.
Posted on May 25, 2007 at 7:13 AM • 23 Comments