The detection rates of anti-malware and antivirus scanners varies considerably. Knowing how to manually scan for and remove malware is an important and useful skill with which to confirm a scanner's effectiveness or compensate for its failings. In this article, Andrey Kucherov, Malware Analyst at Imunify360, describes some essential manual website malware detection and cleanup techniques.
Have you ever wondered why malware is so hard to get rid of, and why, no matter how many times you run your malware scanner, infected files keep reappearing, as if by magic?
In this article, I’m going to show the inner workings of such persistent malware, by dissecting and unraveling some malware samples recently discovered by the Imunify360 cybersecurity product.
You’ll see how this particular strain of malware propagates and evades detection, and what you can do to stop it infecting your system.
Very often, web hosting administrators start to take security measures only after a website has been hacked. So, let us imagine the situation when ImunifyAV has been installed on such an infected server. All malware has been cleaned in one click, and all malicious activity has been stopped.
The Imunify security team recently detected a vulnerable plugin in the WordPress plugin directory. It’s called PressForward, and it’s used to manage editorial workflow. This free plugin included an iframe that could be used to send visitors to a malicious web page.
The Imunify team identified the vulnerability in this plugin on the first of July, 2020. At the time it was discovered, the plugin was installed on 800+ websites, where it could be used to send visitors to phishing sites and conduct black SEO campaigns. The plugin’s change log indicates that it has been there for almost a year:
We’d like to share with you what our Operations Team saw, so you know more about how malicious plugins work, and how you can avoid them.
The Imunify Malware Detection Team have a stash, a repository of over 7 million openly-available CMS add-ons and plugins.
There’s a dangerous new malware affecting Linux and IoT devices known as HiddenWasp. In this article, I’ll dissect it to show you how it works and how you can stop it infecting your Linux server or IoT device.
This article discusses the hidden pitfalls of hosting multiple websites on one hosting account, and how you can remediate the consequences of website cross-contamination.
Unfortunately, very often, website owners are 100% sure that they won't ever be a
- I was unlucky and the plan is to shut down my business.
In this article, I cover that gap and offer you a solid disaster recovery