April 12, 2018 by Agnes Talalaev
Has that ever happened to you that your website got hacked? We will share a case with you how Toms website got hacked, actually, multiple websites got hacked. So let’s dig in.
According to statistics, over 30,000 websites get hacked every day and even a regular small business website is attacked around 44 times per day. In many cases, website owners have no idea that their website got hacked, redirecting to malicious sites or is spreading malware. In most cases, those websites are owned by people who have no knowledge about cybersecurity.
Well, but think – you have a website that is generating money for you or holds a very important task in your company. You invest in design and development and work hard to write good copy and multiple blog posts. But one day you discover that all of your information is compromised, the website got hacked and is defaced with political propaganda or spreading malware and spam. Infuriating!
A month ago a user on Reddit posted a thread about an issue with his sites, he wrote:
“I have 20+ websites. It’s more of a collection. I use 3 for business and the rest is just a hobby of collecting websites. Some have interesting content, others I will use for a couple months and get bored of.
My hosting provider said my account was using too much CPU resources and shut down all websites. It looks expensive to protect all of my sites, and I’m still dealing with the malware issue. It makes it harder having so many sites, which are all infected. Any advice?
I think it was from a plugin that was not updated. Still have not gotten to the bottom of it. I’ve been looking into some sites for protection.
This has made me learn valuable lessons about backups and protection. Any advice would be appreciated. It seems like when this happens to other people it happens to 1 website, in my case I’m dealing with 20+ and it is a nightmare. Thanks.”
Tom´s case is just one of many, where website, or in this case many websites were compromised by an attacker. Like usually, the website owner had no idea until the hosting provider saw something suspicious and contacted the website owner. But this was only the beginning…
There are some options a website owner can consider when their website got hacked. One thing for sure is to rebuild the sites and copy the content to the new website. This option will take a lot of time. We also recommended Tom to scan the files, grep the whole DB for base64, eval, PHP and iframes, check the file change dates, diff plugins/themes with original versions, update/upgrade and change access codes.
But for a non-technical person the sentence above did not make any sense, right? It’s often easier to find a partner who does all that for you. In some cases, it’s even worse to start the cleanup yourself (or with the help of some “how to” article), because without the in-and-out knowledge you can totally mess up your whole site by a mistake.
All of Tom’s websites got hacked, but that was only the beginning. After your website gets hacked, what’s the first thing you do? You’ll find help, right. That’s exactly what Tom did, but the help was not the kind he was expecting, and we quote:
“Hi everyone, thanks for the advice it is greatly appreciated. I’ve been dealing with this headache all weekend and it is mostly solved. Unfortunately, I had to throw money at the problem to solve it. I first hired a media company that was very scammy. They spent 3 days trying to fix it and failed, would not give me a refund and charged over 1500 USD. I ended up disputing the charges.”
So when such a problem arises, it’s not a good idea to look for the “first service provider” that comes up when you go to ask Google nor the cheapest one. Business-world is profit oriented world and everybody wants to make money. For that, people are willing to do anything to get it. So the lesson-learned – do a research about the companies providing security-related services, because security is not something that should be taken lightly (brotip: read reviews).
Fortunately, Tom found a service provider, who helped him fast and professional, but he did learn an expensive lesson.
“My hosting provider recommended a security company and they fixed 4 websites in a few hours. I ended up deleting the other sites and they will forward to my main sites. They are providing yearly service and will protect it in various ways.”
So what happened next was like an aftershock after a big earthquake – when your website got hacked and you don’t act fast enough your sites will get blacklisted. That’s exactly what happened to Tom also:
“Unfortunately, the problem is not over. My organic search on Google has plummeted. I think some sites got blacklisted and when you search my field/expertise I no longer come up on the first page. After contacting Google to get me back up, I found out it will take 2 – 3 weeks in order to get back up. This means our company could lose…. over 100K by missing out on clients for these few weeks. I have learned a valuable lesson. Our site has been on the internet since the 90s and times have really changed and I unfortunately forgot to grow with the times. I guess we will start over to get on the first page once again. Any advice is appreciated. Thanks, everyone.”
As he said – he has learned a valuable lesson. Some website owners have no idea their website is vulnerable or even hacked until the worst-case scenario has happened – revenue and potential clients are lost. These things happen on a daily basis and there are thousands of Tom’s and their businesses which suffer.
If you don’t want to live the same story, the first thing at least is, to begin with, security monitoring. We have also written an article about 12 website security tips from experts to keep in mind in 2018. That comes in handy when you want to take the first steps towards securing your site online. Click here to read more.
Thank you, Tom, (name changed) for letting us use your story.
Protect your websites from malicious traffic - set-up in under 3 minutes.
WebARX is compatible with the following platforms: