<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">
Tag: malware

Why Malware on Your Website Should Never Be Ignored

why-malware-should-never-be-ignored

For website owners unfamiliar with common malware, having malware on your site that doesn’t  cause any obvious issues is seemingly harmless to the site owner. How bad can malware be if it just injects links? If site owners do not understand the repercussions of malware, then they will not take it seriously. It often means that these site owners don’t have the necessary monitoring and malware protection in place to defend sites. For shared hosting providers, this issue can have severe consequences and long-term effects on the server’s reputation and potential profitability. Additionally, read our website hosting security article and learn how to keep your website secure in 2021.

How to remove malware from a website manually & malware injection removal

malware injection removal

The detection rates of anti-malware and antivirus scanners varies considerably. Knowing how to manually scan for and remove malware is an important and useful skill with which to confirm a scanner's effectiveness or compensate for its failings. In this article, Andrey Kucherov, Malware Analyst at Imunify360, describes some essential manual website malware detection and cleanup techniques. Additionally, read our website hosting security article and learn how to keep your website secure in 2021.

Why Malware on a Server is Always a Bad Thing

why_malware_on_a_server_is_always_a_bad_thing

In 2020, approximately one million websites hosted on WordPress were actively targeted by cyber-criminals. Large-scale campaigns are common and your server could easily be compromised without you noticing it. Even when malware is silent and undetectable, it can cause long-term side effects that damage your business reputation, customer retention, revenue, and lead generation from search engines. It’s imperative to business continuity that you detect attacks, mitigate ongoing attacks, and remediate them quickly after they are found.

Malware: Why is it hard to remove?

malware-remove

Have you ever wondered why malware is so hard to get rid of, and why, no matter how many times you run your malware scanner, infected files keep reappearing, as if by magic?

In this article, I’m going to show the inner workings of such persistent malware, by dissecting and unraveling some malware samples recently discovered by the Imunify360 cybersecurity product.

You’ll see how this particular strain of malware propagates and evades detection, and what you can do to stop it infecting your system.

An Analysis of WordPress Malware

wordpress-malware (1)
When it comes to building and managing professional-quality web sites, content management systems have become the default way to do that. WordPress is by far the most popular CMS: it’s used to build and manage around six out of every 10 sites.

The popularity of WordPress makes it a prime target for hackers. In one of our regular investigations, we recently encountered a particular strain of malware that targeted it. Here’s an analysis of that malware that we’d like to pass on to sysadmins.

Malware Obfuscation using plain HTML: 7 Examples

obfuscate htlml 7 examples

Hackers will use any method they can to infect your server.

Just because a web site is using plain HTML, doesn’t mean it’s safer than one built on PHP. In this article are seven common examples of obfuscated malware and their de-obfuscated equivalents. To complement my article on PHP malware obfuscation (php goto), this article will look at obfuscation using plain HTML and JavaScript. Additionally, read our website hosting security article and learn how to keep your website secure in 2021.

PHP malware obfuscation using goto

php goto malware banner

Imunify’s Malware Intelligence Team has been witnessing an increase in malware samples using the goto programming construct. Here’s a chart showing the recent surge of malware using goto as an obfuscating mechanism.

HiddenWasp: How to detect malware hidden on Linux & IoT

b2ap3_large_HiddenWasp-banner

There’s a dangerous new malware affecting Linux and IoT devices known as HiddenWasp. In this article, I’ll dissect it to show you how it works and how you can stop it infecting your Linux server or IoT device.

What to do if your Website is Hacked: A Disaster Recovery Plan

What-to-do-if-your-Website-is-Hacked Thousands of websites get hacked on a daily basis. Actually, thousands out of the many billions of websites on the Internet is quite a low percentage, but if you got unlucky and your website is among those, you need to take it seriously, and respond to the threat quickly and wisely.

Unfortunately, very often, website owners are 100% sure that they won't ever be a victim, and do not have a valid disaster recovery plan for such cases. Or, if they do, the plan consists of just one bullet point:

  • I was unlucky and the plan is to shut down my business.

In this article, I cover that gap and offer you a solid disaster recovery plan if your website got hacked. Additionally, read our website hosting security article and learn how to keep your website secure in 2021.

Subscribe to Imunify security Newsletter