April 13, 2017
Your Website Could Be Infected Without You Even Knowing It
653

If you own a website, you better understand the risk of becoming infected by malware and what to do about it. Otherwise, you could be infected without even knowing it.

How Can Viruses Affect Your Website?

“Viruses” is actually a bit of a misnomer. When most people say it, what they’re really trying to say is “malware.” A virus is a type of malware, but there are all kinds of other attacks that fall under this umbrella term. These include:

  • Viruses – Malicious code that attaches to an application from your site so it can spread the virus far and wide. It could lay low for a very long time before the finally being triggered by a hacker to deliver its payload from thousands or even millions of infected systems.
  • Trojan Horses – This type of malware gets its name because the victim welcomes it into their own computer. You may see a link to a fun game and click on it not knowing that you have now chauffeured an infection onto your website.
  • Worms – The attack burrows deep into your computer and keeps spreading until the bandwidth consumed is enough to crash it. These attacks can also be used on your server to take your site down.
  • Spyware – As the name suggests, this form of malware is designed to relay information back to the hacker. Usually, it has to do with your browsing habits, but it could also be used to disable your site.
  • Logic Bombs – The name of this attack refers to the fact that this code will sit dormant until it recognizes a certain “logic” that triggers it. If it’s deployed against your website, it could be used to look for behavior by your visitors.
  • Rootkits – If you’re using security software, rootkits will work to disable it, possibly, so the hacker can go after your site.
  • Newsletter Spamming – Most websites offer some type of newsletter to repeat visitors. Unfortunately, hackers may decide to put your site in Google’s crosshairs by sending out newsletter after newsletter from its domain. Again, not only will this earn the ire of your readers, it will ensure Google adjusts your site’s rankings in a negative way.

Unfortunately, hackers are always coming up with new attacks, so this list will continue growing in the future.

Warning Signs That Your Website Is Infected

The tough thing about malware is that it’s generally designed for stealth purposes. After all, if you know it’s running on your computer or affecting your website, the hacker’s goals will be compromised pretty quickly, right?

Instead, they usually want their malware to remain unnoticed for as long as possible or at least until it’s time to spring their trap. A lot of times, people erroneously diagnose problems with their websites that aren’t really there. It could be any number of problems, like issues with plugins, a lack of memory, etc.

This is the first thing you need to know to catch the warning signs that your website has been successfully infected with malware. That being said, there are subtle signs you can look for that will help you identify a potential problem before it grows into something far worse.

Obviously, there are some pretty overt signs like Google sending you an alert or putting one up on the screen when you try visiting your own site by typing in the URL. Another one would be if your hosting provider actually takes your site down. This might also be because you’re under a DDoS attack and your hosting provider is taking your site down to mitigate potential damage.

Odd customer experiences can be a sign, too. If your customers are responding to emails you never sent or otherwise referencing messages you have no record of having sent out, then you have probably been hacked.

This is also a good time to bring up newsletter spamming again. If you send out a newsletter, you probably get responses, but if you’re hearing about a spam situation, it’s probably because you’ve been victimized by malware.

A big one you need to be careful of involves traffic to and from your site. Right now, you should take a look at what average traffic looks like for your site, so you have a baseline for comparison.

This is because a very common form of attack will involve using your system to send requests to another website’s server until it finally shuts down from being overwhelmed. A hacker will use a Trojan horse to take over your system this way.

Another sign that might be caused by a Trojan horse would be that your system is running slow. Again, unless there’s some obvious reason for this, it’s because your system is busy doing the hacker’s bidding, not yours.

If you know what your site’s files look like, you can also manually audit them. This is just like using the baseline for traffic we talked about before. Instead, you’d just go through your site’s files to look for any that aren’t supposed to be there.

A lot of hackers take advantage of the fact that the vast majority of owners have a mess of files supporting their websites and have no idea what it entails. This makes it easy for the hacker to place their own file amongst the mess where it will go unnoticed but still have plenty of opportunities to do all kinds of damage.

Generally speaking, the most vulnerable file points are:

  • .htaccess files
  • media files
  • .php files

Again, the more you have of these, the easier it will be for the hacker to find an opportunity, so it would be a good idea to clean these up ASAP if you have a mess on your hands.

At the very least, do a search for a “base64” code. If you find it, that’s not a good sign. Hackers use this code because it masks malware, links and other malicious attacks with encryption. You’ll often see it placed at the end of a .php file.

How to Check Your Website

Unless you find malicious code hiding on the backend of your site or another obvious sign makes it clear you’re been victimized by a hacker, you’ll need to know how to check your website for confirmation that you’re not just paranoid.

Keep in mind what we said earlier, too. You usually won’t have any idea that you’ve been hacked, so you’d be wise to use the following advice on a regular basis to make sure you haven’t been attacked successfully.

The easiest way you can do this is to use quality security tools. There are all kinds of options these days that are extremely affordable, yet very effective. Nonetheless, here are some helpful options to get you started:

  • Sucuri SiteCheck – This company keeps a database of known problems and will scan your website to check if it detects any of them. It will check for everything from spam to redirects to viruses. In total, there are 10 items this software can look for. While there’s a paid option for regular scanning and regular cleaning, you can do manual scans absolutely for free.
  • Better WP Security – This WordPress plugin is specifically made for these types of websites. It works by looking at any changes that have been made to your site’s files. This would include files that have been added, removed or modified. The vast majority of attacks on WordPress sites involve manipulation of files, so this very affordable software is definitely worth considering.
  • Google Webmaster Tools – Obviously, you can trust anything Google puts out. This includes their Google Webmaster Tools. While this platform is great about alerting you when it suspects something is up, it will also tell visitors by showing them a big red screen and displaying a warning. Therefore, you’ll want to be quick about checking on Google’s findings to confirm they’re accurate.

These are just three examples of different types of software you can use to check if your website has been hacked. There are plenty of others out there for every budget, though, so take some time exploring your options.

How to Clean Your Website

Most programs that will check your website for viruses will also clean them once problems are found. We recommend setting up this software so it removes problems right away instead of asking for permission. By the time you grant it, further damage could occur. You’re safer just granting permission to your malware-detection program.

As we covered before, it’s also possible to do some manual cleaning, too. If you know what to look for, it’s as easy as removing files that aren’t supposed to be there.

One big exception to all these rules we need to talk about is a DDoS attack. This isn’t an infection of your website, per se, but it can shut it down for an indeterminate amount of time, so it’s worth bringing up here.

Like we explained above, DDoS attacks succeed by overwhelming your system. That’s not something you’ll need to check for, but you also can’t really stop it other than taking your site offline until the wave of unprecedented traffic is over.

How to Protect Your Website Going Forward

This provides a good segue to our last topic, which is what to do to avoid these kinds of attacks going forward. For DDoS attacks, it goes back to having a baseline of traffic and regularly checking for potential spikes.

Other than that, you need high-quality antivirus software and you need to run it every single day. Otherwise, it will just be a matter of time before you’re a victim.

While it’s frustrating that you have to go to such lengths just to have a website, if you keep the above in mind, you’ll at least stand a much better chance of protecting your site against potential attacks.