The latest browsers from Chrome and Firefox are now displaying a warning that says something like ‘Something’s not right here’ if they detect the existence of a nasty piece of code on your site. They then go on to explain that ‘proceeding onto this site may infect your computer with a virus’.
If you don’t clear this message quickly you may find your site blacklisted and then all Search Engine listings will display ‘The site may damage your computer’ under the ranked listing.
That’s not something you want to see on Google right? That can really jurt yoru business.
The Malware in particular is called an ‘html injection’ or trojan virus and it recently took out 70% of my sites in one fell swoop. What it does is add a little bit of code to your index file (that the page that most people see when they come to your site).
This file does not do any damage itself but it does advertise your site to hackers and provides them with a back door to your system where, once inside, they can do all manner of nasty things.
Internet Eplorer will not advise you of this issue even in its latest version (9 now in beta testing). Nor does Apple’s Safari. So the first thing you should do is download Google Chrome (it’s free) and look at your site with it.
Blog sites such as WordPress are particularly vulnerable because, since they are so prolific, they provide a greater harvest of computers to attack. So the people who designed this trojan made sure that it could easily infect blog sites.
What to do about it?
- Here are a couple of ideas:
- Check your site on the Chrome browser.
- If it is infected call your support guy and let him know. If you don’t have a support guy have a look at the index/default page on your site and check the last line. If it mentions imgaa dot net or any other site that you don’t recognise delete it.
- Make sure your own computer is clean and free of malware or virus. This may be the source of the infection.
- Make sure your blog software is up to date.
- Use a monitoring service like Sucuri (www.sucuri.net) which will monitor your site every 3 hours or so and report back to you before the site is blacklisted by Google and other search engines. This service is less than $10/month and well worth it.
For more information on the code have a look here http://www.stopthehacker.com/2011/05/04/web-malware-faking-images/
And, for what it is worth. I am moving my blog sites off my server so the hackers cant fish around all over my server and find other vulnerabilities.