Oh boy MediaTemple just fucked up royally and got busted. Some of you may have seen the posts about recent MediaTemple hackings.
What happened was that yesterday lots of MediaTemple users noticed that their .htaccess and PHP files were injected with some porn links etc. MT then resetted all passwords because "they noticed suspicious activity in your account". Hackers did huge amount of logins to each account with stolen passwords. Basically what happened was that MediaTemple kept all passwords in non-encrypted form in their database. They also ask your password every time you call their support, something that should never be done with proper security measures.
Then somebody revealed that he noticed these injections started many weeks ago so MediaTemple knew about this the whole time. And now somebody pointed out that hacking might have been done with PHP5 vulnerabilities because they had old PHP5 version installed. MediaTemple has now changed some accounts to PHP4 without asking according their user forums. The worst part with this PHP issue is that they had PHP5 5.2.6 installed which had like 37 vulnerabilities that was fixed in 5.2.7. So they knew their accounts were getting hacked somehow and they didn't even install updates.
Now they have released a short guide how to remove the exploit links from your files. This was the last drop for me. First they fuck up and then they expect their customers to go thru every domain, every .htaccess file and every PHP file themselves. That's just fucking ridiculous. Are they really that fucking retard that they don't even bother to scan files for customers and send customers list of infected files. I understand that there are reasons why they probably don't want to automatically remove the injections. Scanning and reporting is the least they can do.
All I can say is that Fuck You MediaTemple
for charging premium prices and not taking care of basic security updates. Only reason why I was using shared hosting was because I didn't want to stress with basic maintenance.
*edit* MediaTemple Sucks - Another happy MediaTemple customer