Someone commented on the posted article that the compromise seems to be from Godaddy itself. What I'm thinking is someone used a vulnerable 3rd party script hosted on a shared server, then somehow got root or escalated privileges and compromised all or most of the sites hosted on the shared server. If the issue was Godaddy itself being hacked, I would assume it would affect all servers, not just the shared one(s).
Does GoDaddy use Fantastico? I know we recently patched our servers for http://www.1337day.com/exploits/16512
Not sure if GoDaddy did (or needs to) do the same.
Good thing we have these stories once a week to remind us not to use GoDaddy. Maybe people will start listening.
I've been getting a ton of people signing up for my GoDaddy hosted WordPress blog the last couple of days. All the email addresses were things like adfa@gmail.com.
Usually I get 2 or 3 signups a month. The last 2 days I've gotten 10 to 15 a day.
I've kept my WordPress install up to date though and I don't appear to be compromised. I wonder if that was part of the attack.