Subscribe by Email

Your email:

Latest Posts

Popular Posts

Archives

Malware Measures & Vulnerabilities

Current Articles | RSS Feed RSS Feed

How we fixed a Malware Infected Site - True Customer Story

Posted by Jason Remillard on Sun, Jan 24, 2010 @ 11:55 AM
  | Share on Twitter Twitter |  Share on LinkedIn LinkedIn 

Malware Infection, Cleanup and Vulnerability Analysis and Consulting Services…

ALERT: TRUE STORY BELOW..

Want to understand how simple it is to secure your site?  Sure, we’ll take a real customer example from this week to document the story.

(Names and Certain Elements removed to protect confidentiality)

Context:

Large financial news information site that was recently infected several times.  Running an older (but not so old) version of WordPress.  Established site, running for years, great following.

Attacks:

Several different approaches, including a desktop infection, which then infected the site.  Infections spread internally from there.

Impacts:

Malware was being distributed to its 2000+ unique viewers a day.  Due to the depth of the attack, google has reindexed the site with all of the pornographic and male-enhancement site links, meta tags, etc.  Effectively, the site (and business) is in bad shape, SEO results are suffering.

The Approach:

Customer signed up for a free scan, which resulted in the 1st metric on the chart below (roughly 1,640 High and Medium Vulnerabilities)  – Keep in mind, this is a fairly large site.

The customer took the recommendations and executed some of them (upgrading Wordpress being the first).  After contacting our support group, we went through the rest of the report, and summarized the findings, and recommendations.

Luckily the Malware Alert Attack Site! flags have been removed from most browsers..

Conclusion:

As a result, we’re now down to 2 high severity issues, and about 70 medium severity.  Direct Malware injections were removed.  Now we’re going through the last steps to remove the last stragglers of the infection,  (some things are set to reinfect after removal, etc.), and CLOSE THE DOORS on the site.

We’ll wrap up the work in a day or so, and the customer will be free from the existing hacks, and we will be monitoring his site on a daily scan basis (for both vulnerabilities and Malware) for the next few months.

Actual Screenshots from the Reporting Tool @ SiteSecurityMonitor.com
 

 
 
 
 
 
 
 
 
 
 
 
 
 
 
We have summarized the vulnerabilities detected over time (added medium and high priority issues) in order to give you a snapshot of your performance over time

Total Issues: Below are the issues detected on this scan, and the last scan.

 

 Latest scan ( 2009-12-03 xxxxxx AM )

Previous scan ( 2009-11-30 xxxxxx AM )


Tags: , , , , , ,

Comments

Currently, there are no comments. Be the first to post one!
Post Comment
Name
 *
Email
 *
Website (optional)
Comment
 *

Allowed tags: <a> link, <b> bold, <i> italics

Follow Me

Get Your Site URLs Scanned Every Day

sitesecuritymonitor.com seal

Malware: 
101,658 patterns

Vulnerabilities: 
32,430 Exposures

 INSTANT alert 
if malware is found

Get Protected Now
Just $99/year

 

Get a Free Scan

Yes, I need help!

Privacy - Terms - Site Map