Criminals Hijack Large Web Hosting Firm
Nasty attack.
IPOWER declined a phone interview for this story. But the company acknowledged in an e-mail that “over the past three months our servers were targeted. We take this situation very seriously and a diligent cleanup effort has been underway for many months already. We saw the StopBadware report on the day it came out and went to download the list to sweep it as quickly as possible. By looking at the list, it was evident that our cleanup efforts were already helping significantly. By the time we downloaded the list, there were already over a few thousand accounts less than what they claimed in their report.”
IPOWER said the site hacks “came from a compromised server hosted by another company that was listed on the Stopbadware.org Web site. This impacted a higher percentage of accounts on each of these legacy third-party control panel systems.”
The company claims to have more than 700,000 customers. If we assume for the moment the small segment of IPOWER servers Security Fix analyzed is fairly representative of a larger trend, IPOWER may well be home to nearly a quarter-million malicious Web sites.
And an interesting point:
An Internet service provider or Web host can take action within 48 hours if it receives a “takedown notice,” under the Digital Millennium Copyright Act. The law protects network owners from copyright infringement liability, provided they take steps to promptly remove the infringing content. Yet ISPs and Web hosts often leave sites undisturbed for months that cooperate in stealing financial data and consumer identities.
There is no “notice and takedown” law specifically requiring ISPs and Web hosts to police their networks for sites that may serve malicious software.
Clive Robinson • May 25, 2007 7:57 AM
It looks like the old comment about "You get what you pay for" applies to online hosting and ISP sites.
The real question is how many people putting up websites with these organisations actually have the skill to secure / check / clean up their websites?
I suspect very few. However, does that make the hosting company liable? Probably not in their view (others will certainly disagree).
However, when the site operator is deficient in applying security and other patches then they most definitely are deficient and should clean up their act pronto (as IPOWER apparently now are).