My Site Has Been Hacked! Help!

On May 20th 2010, we experienced an attempted hack of our optimum7.com website. We wanted to address this issue as these attacks are getting more frequent since the goal is to generate (pirate) traffic and revenue to another site. The nature of this kind of attack might go unnoticed by a webmaster before it is too late.

Why Would Hackers Want to Hack my Site?
The hackers seek to insert a line of code on your site that will generate a popup or a re-direct using an iframe or javascript that goes to another site. This way, they can direct traffic to any site they wish. It’s very hard for 95% of webmasters to recognize this type of attack, let alone fix it. Your site looks ok and runs fine until Google slaps a “Not Safe” stamp on your URL.

How Do I Know that I Have Been Hacked?
The best and easiest way to know is to sign up with “Google Webmaster Tools”. There’s a section under “Malware” that gives you information about your site and the security issues. Even if you do not suspect it, go and signup, it’s fast and Google actually sends you an email if it ever finds any suspicious activity on your site.

How Do I Prevent Being Hacked?
I don’t think that anybody can prevent it. I’m sure the FBI, CIA and even GoDaddy would have prevented it, if they could. However, monitoring it is essential. There are certain tools that you can use here, to make sure that you find a solution or a service that will (1) identify issues with your site and (2) be able to solve those security issues.

My Site Has Been Hacked! What Now?
• If you use a content management system (CMS) such as WordPress or Joomla, make sure that you upgrade to the latest version.
• Log into your CPanel, and make sure that you do not have suspicious users in your database access section. Hackers usually get access to your database and create bogus users.
• Fix all the security issues stated under “Malware” in “Google Webmaster Tools”.

If you are unable to fix the issue, contact us. We can help.

May 26, 2010