What is Malware Injection and Ways to Protect Your Website From This Attack
Overview of Malware Injection
Many clients have come forward to us and claim that their website has been blacklisted by Google due to malware injection. So what exactly is malware injection? According to Wikipedia, a malware is any software intentionally designed to cause harm or damage to a computer, client (browser), server or a computer network. It is injected into a target's computer in the form of an executable code, scripts and other software. The code is described as computer viruses, worms, Trojan horse, keylogger and among other terms.
If your computer has become infected or compromised, the virus (e.g. keystroke malware or trojans) can actually "sniff out" FTP passwords and send it back to the hacker. The hacker then uses your FTP password to access your website without your knowledge and inject malicious iframe coding to infect other visitors who landed on your website.
If your website has been caught injected with malware and subsequently detected by Google, the warning sign shall appear on your visitor's web browser e.g. Chrome :
Most web browsers will put up a notice when they've detected malware in your website. This prevents other people from unknowingly downloading the malware. If you'd like to check if your website has been infected, use the Website Security Check from Unmask Parasites.
Using our own company's website as the scanning target, here's how the scan result presented by Unmask Parasites:
Alternatively you may scan your own website using Google's Safe Browsing tool.
You might also like to take the following preventive measures to protect your website from malware:
Upgrade your Adobe Reader to the latest version
Install anti-virus software like Malwarebytes and Kaspersky
Use Secure FTP (sFTP) instead of FTP
Remove all malicious coding from your website
Upgrade Content Management System (CMS) to the latest version e.g. WordPress, Joomla, Drupal etc.
Change your FTP password regularly and make it complex
(DO NOT USE SIMPLE PASSWORD SUCH AS QWERTY12345)
Besides understanding how malware injection works and how to counter them as described above, you can also find the top 10 list of FTP Clients which are prone to hacking attempts. Click here for full details.
Updated on: 12/02/2019