What to do When Your Website Has Been Compromised

A website is the image of its owner on the web. It tells everything about the owner. For example, if it’s a company’s website, it tells everything the company does and offers. If it’s a personal one, it usually has some stories about what the owner does, likes, and something like that. With this personal image on the web, can you imagine what would happen if your website was compromised? What if, for example, your website had been compromised by some sort of viruses, Trojans, or even malware?

How do you know if your website has been compromised?

There are many ways to compromise a website. It depends on the attacker motive. However, from what we’ve learnt from some cases in the past, at least there are some common symptoms that connect all the victims, including:

  • Your website has been changed with a different display (defacing)
  • Your website URL suddenly changed into a completely different URL than you registered (website redirect). The ‘new’ URL usually leads to porn or pharmaceuticals site.
  • Your browser, search engine, and/or antivirus marks your website as Unsafe or Compromised.
  • Your website experience a strange traffic, with sudden, unexplained big spikes.
  • You get a warning from http://www.google.com/safebrowsing/diagnostic?site=your domain name

Eliminating the threat

If you experience even one of these symptoms, it is safe to assume that your website has been compromised. The challenge comes next: bringing your website back to safety.

Build a support team

Contact your hosting provider as soon as possible. Tell them your situation and ask for their advice. Alternatively, you can also reach some helpful communities and experts to ask their assistance on your problem.

Quarantine your website

Bring your website online as soon as possible to prevent further damage from the attacker and reduce victims from your user’s side. Ask your hosting provider to redirect your page to a static page on a completely different server with 503 HTTP response code.

Next, perform thorough check on all user accounts. Check if there is any suspicious account. If you found anything, write down the details for later report to your hosting provider. Delete the account as soon as you found it. Then, change all your passwords and recommend your users to do the same thing.

Identify and remove the threat

At this step, we will remove the threat from your local computer and website, to make sure there’s nothing left.

  1. Update your antivirus and scan your local computer. Make sure it’s clean from any dangerous programs, including Trojans, spyware, viruses, malware etc.
  2. Ask your support team or hosting provider to examine and fix log files, software extensions, plugins, consoles and other data as well as applications to determine the vulnerability, including how and when the attack as performed. Once done, make sure you have the up-to-date version of any plugin, console, extension, and application on your website.
  3. Restore your backup, even though it is an outdated one.
  4. Apply any necessary change to the backup and bring it online.

Maintain your website

Once you’re back online, you may need to regularly monitor your website for any malware. For this, you can use Sucuri or Sitelock. They’re pretty nice for securing your website.

Conclusion

Cyber threat can attack any website, including yours. However, if you found the evidence for it, don’t panic. Contact your hosting provider and gather a support team as soon as possible to determine the vulnerabilities and fix them. Meanwhile, you need to take your website offline to prevent further damage from the attacker and your users from being targeted.

Tips for Securing Your Website (Before You Get Attacked)

Cyber threat is on the rise. However, despite everything we have heard about it, many of us still choose to ignore this threat. Just because we think “no one would attack us for the ordinary things we have and do,” it doesn’t mean we are free from cyber threat.

Well, even though your website has ‘nothing,’ it can still become a gold mine for cyber attackers. They can turn your website into an information mine, where everything that your visitors/users do, copy of this information goes directly to them. You still have the information and so are they. This what makes us unaware of the situation. We think nothing happens, yet the fact is completely different. Hackers can also inject your website with malicious links and programs, which will spread to everyone who access your website.

This is the fact, the fact many of us ‘choose’ to ignore. However, by looking at the scale of damage it can bring upon everyone, there is no reason not to prevent them.

Lucky for us, even these intense threats can be solved with some simple solutions. 

Update all Software

Software providers and developers regularly update their softwares to patch vulnerabilities in their application. By keeping all your softwares up-to-date, you will reduce the chance for the attacker to breach into your website. 

Multiple security layers

Security layer acts like a door to a house. The more layers you have, the longer and more difficult it takes for a person to breach into the website. At the first line of your defense, you can use a Web Application Firewall, which will protect you against malicious traffic, Spam, SQL injections, brute force attacks, Cross Site Scripting, and other cyberattacks.

Use HTTPS

Hyper Text Transfer Protocol Secure (HTTPS) is the next level of HTTP connection. It provides better security while transferring sensitive information between a web server and a website. Using HTTPS for your website basically means encrypting all data sent to and from your website. Without the right decryption key, even though the hacker finally breached into your website, he/she will only get useless, scrambled information.

Use strong passwords and change them regularly

Strong password is a must. Every time you are required to make a password, make sure you have created a strong combination of (at least) one upper case, one lower case, one alphabetic character, one numeric character, and one symbol. Yes, I know it is more difficult to remember, but it is much more effective to secure your website than just a word. Besides, you can still write it down somewhere safe (but not at your device). Also, don’t forget to change your passwords regularly. The more often you change it, the less time for the attacker have to break it.

Your admin configuration should be difficult to find

A website’s admin configuration is the core of any website. You should be the only one who knows about and have access to it. Do not let other people know about it, especially its location. Many hackers try to save their time by creating scripts that will scan all directories on your server. These scripts will look for any word that is related to ‘admin’ or ‘login.’ So, as long as you don’t use any of these or anything that sounds similar to them, your website will be much safe. Try asking your host provider if they allow you to rename your admin directories with custom name. If it’s possible, try to rename it with something only known to you.

Tags: , , , , , ,

Do I Need Professionals to Remove Malware?

professional-malware-removal-services
professional-malware-removal-services

Sometimes a professional is needed to remedy your website.

When malware attacked your website, it is very important to remove the threat immediately and bring back your website to safety. However, there is something you need to understand first. When malware attacked your website, it is completely different than a PC attack. In PC/laptop case, you can easily use a malware removal to eliminate the malware and clean your device. It’s quite easy, especially when there are plenty of malware removal available today. However, when malware attacked a website, it becomes very complex. In a website attack, the attacker usually uses the malware to gain control of your website. Let’s leave the reasons, because the most important thing here is how to fix it.

A Complex Attack

In order to gain control of a website, a malware needs to dig as deep as possible. This is because many hosting provider today offers basic security feature that will alert website owner for any suspicious cyberattack. The malware needs to stay hidden as deep and long as possible to deliver the most damage. For this reason, when a malware attacked a website, it usually goes as far as to the log files, website core code, CSS, server, SSL web site configuration, and many more. Everything that has relationship to your website might be infected, the moment the malware infected your website. So, unless you have cyber security background, it is less likely you can fix this problem alone. What about using software? Well, it can be helpful, but less likely will solve the whole problem. Most malware removal tools still remove tracks that can be used again by the attacker to re-inject your website with other malicious programs.

Do You Need Professionals?

So, if you are asking about my personal opinion, removing malware from your website should require someone with specific background in cyber security. Their knowledge and experiences mean a lot. They can help you in determining the vulnerabilities faster and more effective. This is important because some malware is designed to cover their identity. It seems the problem is located at a certain source code, but after a thorough investigation, that source code might be just fine. The real problem might be located at a completely different code.

The damage is another reason for asking a professional when malware has attacked your website. A website is basically a digital environment where everything connects to each other. A simple line of code may change a huge portion of your website completely. If there is any damage to this part or any other part, it will high likely affect other parts of your website. That is if we assume the malware doesn’t spread to other parts of your website or hosting. If it does, the damage will certainly worse. In this case, there is no reason not to ask a professional. With their help, you can carefully inspect the flow of damage and fix every broken part.

Do You Always Need Professionals?   

Not really. When a malware attacked your website, your first step should be contacting your host provider. They have their own support team who are very familiar with your website environment. If there is the first expert you should reach for a malware attack. Another benefit of using them is they are hired to help you. That means, instead of telling you what to do, they will gladly fix the problem for you. Professionals from online communities will less likely do this for you. You will only get advice, tips, or anything like that and the rest is up to you. Even if you failed during the process, you can’t blame them for giving the wrong steps.

Tags: , , ,

Best Malware Scanners

malware-scanner

malware-scanner

With increasing malware attacks, it becomes very important for every website owner to protect their website against all types of cyberattack, including malware. Unlike viruses, malware is less visible. You probably won’t realize that you’ve been compromised until your website started to misbehave. Have you ever browsed to your own website, yet you are directed to a completely different website, even though you believe you typed the right address? Or maybe your website display looked completely different, from the last time you saw it, even though you made no change since the last configuration? These are the most common symptoms of malware attack, yet they are not the most dangerous thing about malware. The fact is, everything that happen on the surface is most likely only a little part of the real attack. While you’re focused on fixing the ‘strange’ appearance of your website or page, the attacker might have ruined everything down in your website system.

Saving Your Website

Dealing with malwares, along with all threats they possess, is a tricky job. You won’t find them unless you know where they’d be hiding. The moment you found them, it’s probably too late for your website. So, why don’t you use a better, faster way of scanning them? There are plenty of exceptional malware scanners you can use. Here are some of them.

Bitdefender

By focusing on active malware threats, Bitdefender offers high-speed malware scanning. Using its cloud scanning technology, it can scan any active malware within a minute. 

Acunetix Vulnerability Scanner

Acunetix Vulnerability Scanner is one-stop solution for malware attack. It will scan your all parts of your website, including servers, application, and plugins for any vulnerability. It will also quarantine your website from future attack, while giving you the time to fix your website.

Scan My Server

Scan My Server offers one of the most comprehensive protection against malware, including Cross Site Scripting, HTTP Header Injection, Blind SQL Injection, PHP Code Injection, Source Disclosure, and SQL Injection.

ESET

ESET is a unique malware scanner that allows you to detect various types of malware, including the unknown ones. You can also use this software to scan and secure your website from other dangerous programs, such as spyware, worms, viruses, and even phishing attempts.

Trend Micro Housecall

Trend Micro Housecall is not just a good antivirus. This program also allows you to keep your website safe from any virus, Trojan, worm, and unwanted browser plugin. Some of its popular features include smart scan, vulnerability scan, enhanced scanning, smart feedback, and review and restore files.

Sucuri

SUCURI is one of the best website mitigation solution. If your website has been compromised by malware, this website is all you need. Just copy and paste your URL on SUCURI website and this program will help you to scan and clean your website from any malware.

F-Secure Online Scanner

F-Secure Online Scanner provides easy solution against malware problem for website owners. Similar to Bitdefender, this program uses its advanced cloud scanning technology to quickly scan and remove malware from your website and local host.

SSL Server Test

SSL Server test is one of the best malware scanners on the web. It provides detailed analysis of your SSL configuration. It will also notify you when someone tries to modify your SSL web configuration, which hackers usually use to redirect your audience to malicious website.  SSL Server Test is also known as one of the most private malware scanner. Even though it requires information about your website to run its feature, every information will be discarded from the system after the malware check.

Tags: , , , , , , , ,

Best Malware Removal Services

Malware, a silent destroyer. Hidden deep inside your website, you will never realize its presence, until it starts breaking your website. Everything seems to be fine, but not at the ‘underground’ where the real nightmare begins. Suddenly, your website looks different, with some strange content here and there, which you never published. Some of your users even reported that your link leads them to malicious page where their device gets infected by malicious programs. These things are only the beginning. Things could go worse if you don’t remove the malware from your website immediately. The good news is, there are plenty of tools out there that can help you to accomplish this mission.

Panda Free Antivirus

panda-security-antivirus-software

Easy to install, light, and reliable. These are the most important things you should remember about Panda Free Antivirus. Despite being “Free,” this software guarantees 100% malware free for your website. So, even though you have few memory left for a malware removal, it will be always enough to install Panda Free Antivirus and eliminate any malware from your PC and website.

You can visit them here:

http://www.pandasecurity.com/usa/homeusers/solutions/free-antivirus/

Spybot Search and Destroy

Speed is its alias. Spybot Search and Destroy guarantees quick, yet very effective spyware and malware removal. With its excellent performance, it’s pretty easy to understand how the company has gained a lot of trust from computer user’s in the past year. Spybot Search and Destroy and available for free for private users. However, you may need to pay a little cash if you want to use this software for your business.

Visit them here: https://www.safer-networking.org/

Adaware Free Antivirus+

Adaware Free Antivirus+ is not just a malware removal service. It’s your all-in-one solution to keep your website free from any malware. It’s light, fast, and reliable. Unlike many ‘dedicated’ malware removal, this software occupies less space, but does more work. The best thing about this app is it also shields your website from incoming malware attack. This is an excellent feature because once you got malware inside your system, it usually downloads another malware from the internet. So, as long as you can control everything that comes in and out, it will be nice.

http://www.lavasoft.com/products/ad_aware_free.php

Malwarebytes Anti-malware

If you are looking for a malware removal that will work perfectly with your existing antivirus, you need Malwarebytes Anti-malware. While the free version can give you basic protection against malware, you certainly need to consider paying for the premium one. With real-time protection, Malwarebytes anti-malware shields your system from malicious incoming and outcoming connection.

https://www.malwarebytes.com/

Microsoft Security Essentials

While most security review usually recommends security company to remove malware threats, this time we take a different step. Microsoft Security Essentials is a good alternative to keep your system and website free from any malware. Like the name says, it comes from Microsoft, a company known by its Windows OS. Microsoft Security Essentials is basically a strategy from Microsoft to prove that the company is more than just about an OS. It’s a one-stop solution for digital community. The program itself offers a complete protection, including malware detection and removal from your system. Of course, in order to use this app, you need to be a Windows user.  Despite the small size, Microsoft Security Essentials has truly become one of the best player in malware removal, due to their advanced removal technology. The best thing about this program is, you can still deactivate it if you prefer to use another malware removal service. This way, even if you feel unsatisfied with the new malware removal tool, you can still come back to this tool by simply activating it. No more re-installing the app or wasting your space for the app caches. It’s a perfect solution, we think, something we can expect from Microsoft.

You can download it here:

https://support.microsoft.com/en-ca/help/14210/security-essentials-download

Tags: , , , , , , , , , , , ,