Network Solutions said fewer than 120,000 parked domains were impacted by an infected widget, less than security researchers previously thought.
Network Solutions reported today that a mass compromise of parked
domains belonging to their customers affected significantly less
domains than previously thought.
Last week, researchers at Armorize Technologies
an infected widget that was serving malware to people who visited
parked domains, which are domains that are registered but
lack any owner-provided content.
While Armorize estimated the number of domains affected ranged from
500,000 to 5 million, Network Solutions on Aug. 17 put the total at
less than 120,000.
In any case, Network Solutions reported no active Websites were impacted, and there was no compromise of the company's platform.
"We received reports of under construction pages showing pop-up
boxes with Chinese writing in them when viewed from Taiwan; however,
when viewing the same page at the same time here in Herndon, Va., these
boxes didn't appear," Network Solutions said in a statement. "It seems
this attack targeted Chinese Web servers."
"We removed the widget link from both the GrowSmartBusiness.com blog
and the impacted under construction pages," the company continued. "By
removing this single link, the widget no longer appears. We also
removed the widget from the open-source, third party provider's widget
library. By doing this, the widget no longer appears on any Website,
blog or profile that had the link or downloaded the widget code. In
addition, we have scanned our entire hosting platform to proactively
detect this malware and there have been no other occurrences."
According to Armorize, Network Solutions' customers have been targeted on multiple occasions
so far this year.
"Throughout this year, the shared Web hosting industry has been
facing increasing attacks from perpetrators of malware," Network
Solutions said. "We are continually working to defend against these and
similar types of attacks."