In my previous post, I detailed my long history with WordPress and how my first online business was ruined due to my website being hacked and injected with malware. In this post I want to discuss what website malware actually is and how to know if your site has been compromised (because it’s not always apparent).
What is Malware?
The word malware is a contraction of two words, MALicious softWARE. When you hear terms like viruses, trojans, spyware and others what you’re really hearing about are different types of malware. In other words, malware is software designed to damage, infect, or disable computers or software application systems. One of those software applications is WordPress, a collection of files containing code that powers over 30% of all websites on the internet.
Why Does Website Malware Exist?
Malicious software exists in order to compromise websites and systems. Websites are a prime target for various reasons including gaining access to private user data, web server resources, and even a few minutes of “fame” for the hacker when they replace your website with a message of their own. This is known as a “defacement” and is usually a political or religious message. However, the majority of malware is designed to infect a website for the financial gain of the hacker.
How Malware Benefits the Hacker
So how does a hacker make money by releasing automated scripts into the wild? It’s often through the use of pay-per-click affiliate links and pay-per-install software links.
Imagine this scenario: a hacker infects a website which injects links into your content that contains their affiliate ID, redirecting visitors to a website that is paying small commissions just for clicks. Easy money for the hacker. Now imagine that same malware spreads to hundreds or thousands of additional websites. The more clicks, the more money for the hacker.
This methodology also applies to pay-per-install software affiliate programs. When a website is compromised with this type of malicious software, anyone who visits that website runs the risk of having a software program installed on their computers without their knowledge. This type of hack is known as a “drive-by-download”. The worst part? This software usually includes some type of “keylogger” which keeps a track of everything a user types, including usernames and passwords, and sends that data back to the hacker for their future use.
How to Check Your Website for Malware
The good news is that you can check your website for malware immediately and utilize security best practices to thwart any malware infection attempts before they do damage to your internet-based business.
Look for Signs of Infection
The first step in checking for existing website malware is to look for common signs that you’ve been infected. The most obvious hack, known as a defacement, would be noticeable right away by simply looking at your site. But defacements only accounted for 15% of malware incidents in Q3 of 2017.
If you’re website hasn’t been defaced, you might still be infected if:
- Your website files were modified or deleted without your knowledge
- Your website freezes or crashes
- You’ve experienced a noticeable change to your search engine results, such as blacklisting or harmful content warnings
- You’ve experienced a rapid drop or increase in traffic
If any of these common signs appear, you can follow these steps to confirm your suspicions.
Use a URL Scanner
A great tool to help identify a malware infection is through the use of a free URL scanner. One such tool is VirusTotal. This service utilizes over 60 antivirus scanners and URL/domain blacklisting services to see if your URL has been flagged for malware.
Automated Monitoring, Scanning, and Removal of Malware
There are several security tools for monitoring your website files for changes. When changes to your websites files are detected, you’re alerted to those changes and can check to see if it’s due to normal website maintenance behavior like installing or deactivating plugins or themes, or if something more nefarious is at play.
If you’re technically inclined, you can check your database, files, and source code for signs of malware. If code isn’t your second language, don’t worry – keep reading for more information about automated malware scanning.
Automatic website scanning not only saves you time, but allows you to get ahead of any infections, which can reduce the negative impact of malware on your site and its visitors. Products like the SiteLock SMART PLUS scanner are designed to automatically scan for known and common malware types including backdoor files, shell scripts and spam. If the website scanner identifies malware, the website owner will be alerted immediately, and it’s also the only solution that provides automatic removal of malware.
It’s important to note that preventative measures against malware are only as good as their ability to keep up with new malware types and trends. A thorough malware scanner should be backed by a comprehensive database that logs the most recent and persistent malware threats, offering the most up-to-date protection possible.
As cybercrime and malware scripts continue to evolve, being proactive about your website’s security is your best defense. Whether you use hands-on methods to check for malware yourself or deploy an automatic website scanner, by learning the different ways to look for malware, your website is one step closer to being secure.
If you’d like to learn more about website malware, website hacks and how to protect your website, make sure to attend my session at Type A Parent 2018 or stop by our sponsor table anytime during the conference.