Latest Article

Casbay News

Promotions

Casbay Events

Tips Sharing

aaa

Stay tuned with us

Why was website hacked?

You still hear the question, when you talk to customers whose website has been hacked, “Why was my website hacked? “To get hacked is infringement. This is a misuse of a company’s web assets, or a personal infringement of someone’s small business or specialty site.

Many hacks on website aren’t intimate. This week we are here to inform readers that most compromises aren’t deliberate assaults. We’ll explore how and why bad actors hack sites, and how to stop being another line in a text file controlled by an attacker’s sites.

Specific websites are not targeted directly to attacks. Which is, not the number. Sites are fish in the Internet’s sea and get caught up in malicious actor’s scanning nets.When a vulnerability is published, like the recent Joomla SQL injection vulnerability, attackers craft scanners which search the Internet for vulnerable versions of Joomla and compromise only those sites which they can exploit. It works the same for WordPress.

Attackers browse the net searching for low-hanging fruit, the many established exploits on WordPress sites that attackers know they can effectively exploit, and then use one or more of those exploits to gain foothold on the web. When the attackers have some leverage they are 
working to change the platform to achieve their goals.
 
The goals of the attackers, again, are not political. They don’t want a place named ‘your.’ We want the money and a strong reputation of your site on search engines to drive traffic for financial gain.
 

How is website hacked?

It is capital that is why websites are hacked. Often it’s credibility, say in defaults, even though those are not usually targeted either. In most hacks, bad actors upload spam or spam file creators to the web and move those spam files to search engines, pushing traffic to, say, online pharmacies or knock-off ski jacket pages.

Here we see beginning code of a spam file creator uploaded to a vulnerable site that collects content from a malicious or compromised site to produce spam.

When full control is achieved, the attackers fill the web with tens of thousands of spam files often through a shell or spam file developer, all waiting to drive traffic. Here we see a very small sample or brand spam posted to a website or written down. Other spam is of the pharmaceutical nature, driving search engines and subsequently users to the malicious sites.

As we’ve seen, nothing about the pages that were targeted related to or was personal. In these hacks, we often see trends of spam content and file names supporting the broad-net concept of web compromises.

Tips to Prevent a Website Compromise

We’ve hopefully supported any worries of a personal attack. Now knowing how and why hacks, what should you do to prevent hacking of your website? Here are three easy steps.

  • Update your site — the CMS, plugins, and themes — as soon as you can after updates are available. Updates close the holes attackers scan for and usually include other stability and usability fixes.
  • Next, implement a web application firewall like the SiteLock TrueShield. Available options range from free to enterprise, so there’s really no excuse not to implement this easy-to-setup (and effective) technology. TrueShield even protects sites that are behind on updates and contain known vulnerabilities. See step 1.
  • Implement a site scanner which detects and cleans malicious code on your site.  There is a variety of scanners out there–all the way from ones that crawl your website from the outside-in and only detect malware displaying in the browser, to those that scan all the files in the website’s root directory and automatically remove malware.