Today we received an email from a client in Portland letting us know their webhost (GoDaddy) had sent them an email indicating that their website was infected with malware and the offending files had been deleted. The email looked like this:
We take security seriously so all customers can build and manage their websites in a safe environment.
We’re writing to let you know that we recently completed a routine security checkup of all our servers and platforms. Our scans flagged your websiteurl.com hosting account as containing known malware. Due to the negative impact to our systems, we’ve removed the following malware from your files:
Unfortunately, our scans also flagged other content that could be malicious, but due to the nature and usage of these files, we did not remove them as this should be reviewed by a website administrator first. We recommend you log in to your hosting account to review the following content and remove if necessary:
For speedy help, or any questions or concerns, please call our hosting security team at 480.366.3501 to resolve the issues immediately.
We appreciate your attention to this matter.
As always, thanks for hosting with us!
We went in and performed a full site scan and actually found quite a bit more malware than just what was indicated in the email from GoDaddy. After scanning and removing the offending files we were able to quickly get the site back up online and running smoothly again.