The lack of proper security measures, poor coding, and application vulnerabilities allow cybercriminals to take over a large number of websites, making them serve a specific role in their malicious campaigns.
Kaspersky experts have published an advisory that explains how to identify hijacked sites and how to clean them up.
So how can you tell if your website is infected with malicious elements?
If your customers complain that they can’t access it because it’s blocked by the browser or their security app, if the site is blacklisted, or there’s a sudden significant change in traffic, you’re most likely a victim.
In other situations, the website doesn’t work properly, or, after visiting it, your computer starts acting up.
If you’re experiencing one or more of these symptoms, the first thing you must do is check the activity logs. In many situations they can help identify the malicious files and maybe even the way the attackers managed to penetrate your systems.
Then, if you have a clean backup copy, restore the site’s content to its initial state. However, this must be done only after the software that runs on the server is reinstalled.
If you aren’t fortunate enough to have a backup copy, you can track down the malicious files with an automated website scanner such as the one offered by sucuri.net.
If you’re the owner of the infected server, run a full system scan with a reliable antivirus product, but back up your files first, since in some cases antivirus products delete infected files instead of cleaning them.
If all else fails, you’ll have to manually go through each file to look for the malicious code. If you haven’t obfuscated any of the code yourself, then all the unreadable pieces of code have probably been planted by cybercrooks.
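To narrow down which files need that manual review, the sketch below flags lines that look obfuscated. It is an added example, not code from Kaspersky’s advisory; the thresholds, the file extensions, the pattern list and every function name are assumptions to tune for your own code base.

```python
import base64
import math
import os
import re
from collections import Counter

# Thresholds are assumptions for this example; tune them per code base.
MIN_BLOB_LEN = 120   # length of an unbroken token worth inspecting
MIN_ENTROPY = 4.5    # bits per character; base64 text approaches 6
SCAN_EXTENSIONS = (".php", ".js", ".html", ".htm")
# eval() wrapped directly around a decoder call (assumed pattern list).
DECODE_EVAL = re.compile(
    r"eval\s*\(\s*(base64_decode|gzinflate|str_rot13|unescape|atob)\s*\(", re.I)
BLOB = re.compile(r"[A-Za-z0-9+/=]{%d,}" % MIN_BLOB_LEN)

def shannon_entropy(text):
    """Bits of entropy per character of a non-empty string."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values())

def scan_text(text):
    """Return (line_number, reason) pairs for lines that look obfuscated."""
    findings = []
    for number, line in enumerate(text.splitlines(), start=1):
        if DECODE_EVAL.search(line):
            findings.append((number, "eval of decoded data"))
        if any(shannon_entropy(b) >= MIN_ENTROPY for b in BLOB.findall(line)):
            findings.append((number, "long high-entropy string"))
    return findings

def scan_tree(root):
    """Walk root and return {path: findings} for web files with findings."""
    report = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(SCAN_EXTENSIONS):
                path = os.path.join(folder, name)
                with open(path, encoding="utf-8", errors="replace") as handle:
                    findings = scan_text(handle.read())
                if findings:
                    report[path] = findings
    return report

# Constructed sample: a normal template line, then a planted-looking line
# whose encoded blob is just the harmless bytes 0..255.
_BLOB = base64.b64encode(bytes(range(256))).decode()
SAMPLE = "<?php echo $title; ?>\n<?php eval(base64_decode('" + _BLOB + "')); ?>\n"

if __name__ == "__main__":
    print(scan_text(SAMPLE))
```

Legitimate minified libraries and embedded images can also trip these heuristics, so treat each hit as a file to read, not as proof of compromise.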
To prevent your website from being taken over in the first place, make sure that you use strong passwords, always keep all software components up to date, create backups frequently, scan your files on a regular basis, and, if you own the server on which it’s stored, harden its security.
For more details, check out Kaspersky’s advisory.