Handling an infected website Print

  • malware, phishing
  • 1

Malware, short for malicious software, is created by cybercriminals with the intent of causing harm to a website. It is used to steal sensitive customer information, hold websites for ransom, or even take control of the website itself. In many cases, victims of malware may not realize they’ve been attacked until it’s too late.

There are a variety of ways a cybercriminal can use malware to infect your website. When a cybercriminal finds vulnerabilities in your website, they are quick to attack. First, they’ll decide why they want to access your site. Then based on their intent, they’ll determine the type of malware to use.

Find Out How You Were Hacked

If your account has been compromised, knowing what caused the compromise will allow you to address the root cause directly and prevent it from happening again, and save you from having to worry about how it happened.

Options for Infected Websites

Learning your website has been infected with malware is frustrating, but you aren’t alone, and you have options. When you contact Transworldafrica.co.ke support about malware infection, we will help you choose the best option to secure your site. There are several ways you can remove malware.

  • Professional Malware Cleaning Services
    Having experts clean the malware infection from your website is a great option if you don’t have the time and expertise to do it yourself. Our security partners at SiteLock can help you remove malware on your site and provide solutions to proactively prevent future infections.

  • Restore Your Site
    You can restore your website using a backup made before your site became infected with malware. If you do not have a backup, we can provide you one for a fee if we have a backup before the compromise. It is critical that you use a backup made prior to the site being infected to completely remove the malicious code, if not your restored site will remain infected. Be aware that you will lose any changes made to your site after the backup you use was created. Even after restoration, your site will likely have the same vulnerabilities that would allow it to be compromised again. For this reason, it is important to take additional proactive measures with your website security.
  • Create a New Site
    A final option if your site cannot be restored or repaired is to create a new website.
Important Note:
Preventing website attacks is always easier and cheaper than repairing a site that has been infected with malware. TransworldAfrica.co.ke recommends you choose a website security plan from our partners at SiteLock.
 

Removing Infected Files and Directories

When a site is compromised by malware we always recommend using a professional service to guarantee resolution and prevent future infection. If you are unable to hire a professional, you can attempt to fix your website yourself. To do this you need to identify and remove recently added or modified files or directories.

Exercise extreme caution when removing website files and directories because you can disable features and functionality on your site and it does not guarantee removal of malicious code. Additionally, file removal does not address vulnerabilities that allow attackers to gain access to your site. Finally, by choosing to self-service a site infection, you take full responsibility for changes made to the site, any files deleted and or breaks in functionality.

To identify infected files or directories look for:

  • Strangely named files or directories (i.e: xf8c3l.php or /home/username/public_html/wellsfargo).
  • PHP files located in image folders.
  • Base64 or other encrypted injections inside of site files which can be removed using file editors.

If your website is currently under investigation, please DO NOT MAKE CHANGES, including the removal of files and directories.


Was this answer helpful?

« Back

Powered by WHMCompleteSolution