(The Hosting News) – AHosting, a leading provider of personal and enterprise hosting solutions, has issued a warning to those of its clients using the Piwik analytics platform to update their installation.
Users of Piwik who updated to or installed Piwik version 1.9.2 on the evening of Monday, November 26th are at risk after Piwik’s main server was hacked and malicious code added to the application’s files.
Piwik is a popular self-hosted open source analytics platform used by many webmasters to monitor traffic on their sites. It is a widely-used alternative to proprietary analytics solutions like Google Analytics.
Users are advised to back up their data before deleting their installation and re-installing a version that has been verified as clean. The Piwik.org server was breached via a security vulnerability in a WordPress plugin, and malicious PHP code was added, which inserted a backdoor that caused servers with the infected version to send data to a third party.
“We’re great fans of Piwik,” stated Ahosting, Inc.’s VP of Sales, Nick Max, “However, we feel we need to take a proactive stance on security for our users. If you updated your Piwik installation during the time span in question, backing up and reinstalling is the best way to be sure that your data is safe.”
The speed with which the breach the was noticed and fixed is an indication of the commitment and expertise of the Piwik community. The compromised version was only available on their server for 8 hours, and a sanitized version was quickly made available.
Piwik is one of a number of popular open source applications that have been the victim of hackers in recent months. In September, the MySQL administration tool, phpMyAdmin was also found to contain malicious code.
For further information, please consult the security report released by the Piwik development team.
Ahosting is a managed web hosting provider with facilities in Orlando, FL, Detroit, MI, and Charlotte, NC, owned and operated by Ahosting, Inc., supplying hosting services that are truly beyond imagination. Since 2002, AHosting has established one of the web’s premier solutions for reseller web hosting, multiple IP hosting, dedicated servers, and VPS hosting. For more information, visit http://www.ahosting.net.