Blog for hpHosts, and whatever else I feel like writing about ....

Thursday, 14 October 2010

SurfTown: Yet more compromised sites

A friend alerted me, after reading my blog, to a plethora of other sites on SurfTown IP space he'd found, that were also carrying malicious code.

SurfTown did get back to me after my last blog, telling me it had been cleaned up but alas - it hadn't. A quick check showed the infection was very much still there, and indeed, a quick check a second ago, shows it's still there as of 15-10-2010 03:03 (GMT London).

It would seem, just like HostingDiscounter (a Netherlands based IP that had a plethora of sites compromised recently), SurfTown is having major problems with compromised sites on their network. Until this is resolved, I'd strongly advise caution if going to ANY site on their network.

Some of the sites I've checked this morning do indeed appear to have been cleaned up, but alot haven't.

The redirects have been seen going through the following on port 11066;


No comments: