Author: Andrey Kucherov

How to remove malware from a website manually

The detection rates of anti-malware and antivirus scanners vary considerably. Knowing how to manually scan for and remove malware is an important and useful skill with which to confirm a scanner's effectiveness or compensate for its failings. In this article, Andrey Kucherov, Malware Analyst at Imunify360, describes some essential manual website malware detection and cleanup techniques.

Malware: Why is it hard to remove?

Have you ever wondered why malware is so hard to get rid of, and why, no matter how many times you run your malware scanner, infected files keep reappearing, as if by magic?

In this article, I’m going to show the inner workings of such persistent malware, by dissecting and unraveling some malware samples recently discovered by the Imunify360 cybersecurity product.

You’ll see how this particular strain of malware propagates and evades detection, and what you can do to stop it infecting your system.

A post-hack survival guide: cleaning your website after being hacked

Very often, web hosting administrators start to take security measures only after a website has been hacked. So, let us imagine the situation when ImunifyAV has been installed on such an infected server. All malware has been cleaned in one click, and all malicious activity has been stopped.

Vulnerable PressForward WordPress Plugin Was Available Almost a Year

The Imunify security team recently detected a vulnerable plugin in the WordPress plugin directory. It’s called PressForward, and it’s used to manage editorial workflow. This free plugin included an iframe that could be used to send visitors to a malicious web page. 

The Imunify team identified the vulnerability in this plugin on the first of July, 2020. At the time it was discovered, the plugin was installed on 800+ websites, where it could be used to send visitors to phishing sites and conduct black SEO campaigns. The plugin’s change log indicates that it has been there for almost a year:

Imunify Operations Team Eliminates WordPress Malicious Plugin

Last week the Imunify360 Operations Team spotted some malware embedded in a WordPress plugin. On Thursday, they reported it to the WordPress Plugin Review Team, who closed that plugin the very next day. 

We’d like to share with you what our Operations Team saw, so you know more about how malicious plugins work, and how you can avoid them. 

Imunify360 Goes Hunting: A look at the latest victim

The Imunify Malware Detection Team have a stash, a repository of over 7 million openly-available CMS add-ons and plugins.

HiddenWasp: How to detect malware hidden on Linux & IoT

There’s a dangerous new malware affecting Linux and IoT devices known as HiddenWasp. In this article, I’ll dissect it to show you how it works and how you can stop it infecting your Linux server or IoT device.

Host your website safely and avoid website cross-contamination issues

This article discusses the hidden pitfalls of hosting multiple websites on one hosting account, and how you can remediate the consequences of website cross-contamination.

What to do if your Website is Hacked: A Disaster Recovery Plan

Thousands of websites get hacked on a daily basis. Actually, thousands out of the many billions of websites on the Internet is quite a low percentage, but if you got unlucky and your website is among those, you need to take it seriously, and respond to the threat quickly and wisely.

Unfortunately, very often, website owners are 100% sure that they won't ever be a victim, and do not have a valid disaster recovery plan for such cases. Or, if they do, the plan consists of just one bullet point:

  • I was unlucky and the plan is to shut down my business.

In this article, I cover that gap and offer you a solid disaster recovery
