Research Blog

New Malware –

We are seeing many WordPress sites on shared hosts (GoDaddy, Bluehost, Dreamhost and a few others) compromised with a malware from

This is what is gets added to the hacked site:


<script src="">..

And that code is used to infect the browser of the person visiting the compromised web site.

What is interesting is that this attack is being done by the same group that infected thousands of GoDaddy sites with the .htaccess redirection (all hosted at

Whois of the group behind it:

Registrant Contact:
Gavai Otarro
+1.445669776 fax: +1.445669776
5653 6th Street
Pittsburgh PA 54353

If your site is compromised, sign up with us and we will fix it for you:


Client Love

Customer satisfaction is our top priority and our clients can confirm. Check out some real recommendations from real clients.

Scan your website FOR FREE