Unmask Parasites. Blog.
msgbartop
Unmask Parasites - Check your web pages for hidden links, iframes, malicious scripts, unauthorized redirects and other signs of security problems.
msgbarbottom
Loading site search ...

Matt Cutts on Malware

   11 Jan 12   Filed in Tips and Tricks, Unmask Parasites


Video highlights:

  1. Use Safe Browsing diagnostics — false positives are very unlikely
    http://www.google.com/safebrowsing/diagnostic?site=<your-site-URL-here>

    • The problem might have been caused by a third-party content (ads, widgets) that you use on your site
    • But in most cases the problem is in the malicious content/behavior added by hackers.
  2. Malware review via Google Webmaster Tools.
    • prove ownership
    • use the  Diagnositics -> Malware section for information on malware issues (e.g. examples of URL were malware was found, and samples of the found malicious content)
    • Once you fix the problem, click on the “request a review” link — your site will be reviewed during the next few hours.
  3. Fetch as Googlebot. – useful tool to diagnose security problems when hackers hide malicious content from normal human visitors and only show it for search engine spiders (cloaking) — this is quite a prevalent type of website hacks (part of massive Black Hat SEO campaigns).
  4. .htaccess — is a popular target of website hacks. For example, hackers can add conditional rules to redirect all search engine traffic to a third-party website.
  5. SQL-injections — another trick where hackers can exploit bugs in web applications that fail to properly sanitize user input — as a result, malicious content can be injected into site’s database.
  6. Finding malware may be tricky.
    • Don’t only check the source code of your web pages. Check what browsers receive from your web server (both the page code and the HTTP headers).
    • You might want to play with different scenarios. Warning: please use specialized tools and do it only in a controlled sandboxed environment, otherwise malware may infect your computer.
      • direct visit
      • visit from a search engine
      • visit with clean cookies (first time visit)
      • visit using different browsers (IE, Firefox, Chrome)
      • visit from from different IPs and countries
  7. Keep your system up to date.
  8. Change passwords.
  9. Unmask Parasites :) -  Matt called this site a “really useful place to talk about all the different attacks that are currently going on”.
If you need my help to resolve your site security issues, you can request it here.

Tags:
«
»

Leave a Comment


XHTML: You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

sidebartop

About this blog

Occasional posts from the developer of
Unmask Parasites about things that hackers already know and site owners should know (if they don't want to be victims).

Exploit reviews, security tips, and all that jazz.

This blog in the news

Get free updates:  RSS   Email   Twitter   G+
sidebarbottom
sidebartop

Recent Posts

sidebarbottom
sidebartop

Categories

sidebarbottom
sidebartop

Recent Comments

sidebarbottom
sidebartop
advertisement

Has your website been hacked?

We're here to help you get back up and running with minimal downtime!

Call us now at 1-800-639-6442

www.HackRepair.com
sidebarbottom
sidebartop
sidebarbottom
© Unmask Parasites. Blog. / Design: Smashing Wordpress Themes