Has Your Site Been Hacked with Malware? Here’s What to Do.


Red stop sign that says 'MALWARE' in the middle of it.


 

A couple days ago, we woke up to the one of the scariest possible scenarios that could happen to a blog owner. We were hacked. And we knew  that in a matter of hours everybody would know this. We had the glaring red dreadful sign saying our site was an attacker site! This was terrifying to realize, but we finally resolved everything, and learned a lot along the way. We are writing this article to share what we learned in case any of you out there happen to experience the same thing…

 

WHAT IS MALWARE?

 

A malware attack page sign . It is a big red sign with white text.

According to Google, Malware for those out there that aren’t aware, is “malicious code —for example, scripts or iFrames that pull content from another website that tries to attack any computer that views the page.

The term “malware” covers all sorts of malicious software designed to harm a computer or network. Kinds of malware include (but are not limited to) viruses, worms, spyware, and Trojan horses. Once a site or computer has been compromised, it can be used to host malicious content such as phishing sites (sites designed to trick users into parting with personal and credit card information). Some hackers may even take administrative control over a hacked site”.

Intentions of malware or badware may include: spam, stealing financial information, confidential information and passwords,  attacking other computers, and networks, spreading malware, and tricking a user into buying something.

As daunting as all this may sound, Do Not Panic. It is a waste of energy (we learned the hard way) because there is a solution to your problem.

Again, this may sound counter intuitive, but as much as you may feel like it, DO NOT PANIC. Being hacked sucks royally yes, but there are answers, and you can have your site back to normal before you know it. There are people and resources out there to help you get started right away.

 

WHAT TO DO IF YOU HAVE MALWARE:

Red bulls eye sign that says TAKE ACTION in black text .

1). CALL YOUR HOSTING PROVIDER.  They can walk you through step by step as they did in our case.  (Shout out to GoDaddy). If your provider won’t help you at a time such as this, you may want to consider switching.

2). Make sure your site is upgraded to the latest WordPress (or whatever CMS you may be using) version.

3). Change your FTP and admin password and make sure the hacker didn’t create another user.

4). Make sure there are no added scripts or  code left by the hacker, and that no modifications have taken place. (In our case there was added code in the .htacces file that redirected users to another site. We immediately deleted it the code). Save the added code in case you want to explain to Google in the future what you did to clean up your site.

5). Once you’ve removed all the malicious code and done what you can to clean up, go to Google Webmaster Tools and ask Google to review your site again:

 

The steps are: a). Log into  Google WebMasters account.

Logo for Google Webmaster Tools. It's an animated blue wrench, and there's text on top that says 'GOOGLE WEBMASTER TOOLS'.


b). Click on your domain name

c). Click on Diagnostics

d). Click on Malware

Picture of where Malware is on the Google Webmaster Tools dashboard.

e). Click on request a review ( Sometimes you may have to wait a while before this option pops up (in our case a couple hours) because Google hasn’t gotten to your site yet. Just be patient. Remember Google crawls a gagillion (is that a word?) sites a day.

 

Google Webmasters tool dashboard when you have malware. The part about your blog being infected is highlighted in red.

 

Once you’ve done all this check back often and if everything is in the clear, you will get  a message saying your site is now clean and Google will be taking down the attack warning soon (Yay!). In our case it took a couple hours and then we were good to go.

 

 

HOW TO PROTECT YOURSELF FROM MALWARE:


Gray square shape that says PROTECT YOURSELF in white text in the bottom left corner.

1). Make sure that the software (such as WordPress) that you use, including all the plugins are up to date.

2).  Change any default passwords that come with your software and make sure you regularly update them.

3). Remove any scripts and software you no longer use.

4). Make sure the file permissions you use are up to date.

 

Though the experience was trying to say the least, we did learn a lot. We learned what to do when attacked, and more importantly we learned steps we could take to avoid this in the future. We’ve included several links below to further educate you, and wish you all the best.  Here’s to hoping you never experience an attack.   If you do however have the unfortunate experience, you will at least be prepared and now how to resolve the issue.

 

More info:

 

 

 

Picture of an animated yellow broom with a pink stripe sweeping.

Tips for Cleaning and Securing Your Website – stopbadware.org

 

 

Logo for StopBadware.org. Stop is in red text with a rectangle around it like a stamp, and badware is in blue text.

How Can I Avoid Being Infected with Badware – stopbadware.org

 

 

Picture of black screen with green text that says 'YOU HAVE BEEN HACKED"!

About Malware and Hacked Sites – google.com

 

 

Computer monitor with a green skull on it and a sign that says 'DANGER Website hacked!'

FAQ My WordPress Site Was Hacked – codex.wordpress.org

 

 

 

Red stop sign that says 'MALWARE' in the middle of it.

Preventing Malware Infection – google.com

 


Grunged out dark gray WordPress logo.

Did Your WordPress Site Get Hacked – ocaoimh.ie

 

A silver metal padlock that has a WordPress logo in the middle of it.

Hardening WordPress Security: – 25 Essential Plugins and Tips – hongkiat.com

 

Picture of red text that says BADWARE over computer code.

What is Badware? – stopbadware.org

 

 

Picture of spray can. It has the WordPress logo and says 'Hacker Removal' below it.


How to Completely Clean Your Hacked WordPress Installation – smackdown.blogsblogsblogs.com


Sign that says 'WORDPRESS Security!' with a lock on the end of it. 'Security!' is written in red.

What All You Need to do to Keep Your Blog Secure from Hackers – blogdesignstudio.com

 

 

Drawing of security guy with his arms folded with the WordPress logo on his black t-shirt.

11 Best Tips to to Secure Your WordPress Blog – softwarebuzzer.com

 

 

 

Comments

  1. By admin

Leave a Reply

Your email address will not be published. Required fields are marked *