1. Matt

    The same thing happened to me but I'm hosting with Hostgater not Inmotion. The search you showed though doesnt seem like its all the same kind of problem. With mine Hostgator showed me the logs and I saw that the problem was an exploit in WordPress 2.8.3. When I upgraded WordPress and changed my FTP password I never had this problem again. Sorry man but the problem is your site not your host.

    • Linerd

      Well, if it was a problem with my site, it was an exploit in WordPress 2.8.4. I upgraded the site to 2.8.4 in August and my site got hacked on Sept. 11. It seems like more than coincidence that 9 out of 10 sites I found showing the same problem were all with Inmotion. BTW, it's been reported on Drupal sites as well.

      Perhaps it's my fault for not changing my cPanel password since signing up. Account login information was included in the site activation email, so if someone got into the sent mail at Inmotion they would have several ID's and passwords.

      The disappointing thing is that Inmotion knew that there was an issue. They could have run a simple

      rgrep 2309h34b34b34b *

      on each of their servers and found all the hacked accounts. It wouldn't have been too much to ask to send out an email to the affected account holders letting them know of the problem and their proposed solution. Instead, they chose to simply deny any responsibility and left their customers to discover the problem on their own.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.