Malware Removal

If you see a screen like this (in Chrome…)

Malware Removal malware removal

Warning: Something's Not Right Here!

or like this (in Firefox)…

Malware Removal reported attack page

reported-attack-page malware removal

or similar in other browsers (Internet Explorer, Safari, etc.) then this post applies to you.

The bad news:

Your Site Was Hacked!

The good news: (1.) it was probably before you moved your site to SwiftCMS, so you just need to get Google to re-spider your new site, and (2.) we ‘ll help you fix this. (3.) It was most likely for “malware injection” of which the goal is to install a virus and/or profit-yielding-cookies (such as ebay-affiliate code for example), and not a personally-motivated and/or not likely there to obtain personally sensitive data of your customers.

Note that one of the benefits of SwiftCMS’s monthly support system is hacker insurance and security procedures. There are a lot of things we do behind the scenes to keep your new website safe, so it’s very very unlikely to happen in the first place, simply because there are millions more easier targets for the hackers. In addition, if this did happen, we’d probably know before you, and remove it, and last, if we do remove it, it’s at no additional cost to you – a form of insurance.

This is beyond budget hosting. 

A typical budget host will send you a help file and tell you “go get ‘em tiger. Good luck”.

Did I mention if you have this warning Google’s also telling the world? Like this…

Malware Removal this site may harm your computer

this site may harm your computer

Anyway, let’s get it fixed.

First, this post assumes the actual damage, the actual malicious code is already removed. If you’re reading this and your website is not on SwiftCMS + WordPress (i.e. hosted on SwiftWebDesigner.com servers), then today and now is the perfect time to upgrade – and you’ll get this fixed as a side benefit. Otherwise, go to http://www.stopbadware.org/home/badware and FTP in, find the injection, and remove it. Tip: The hackers are smart; they 1. encrypt the injection, so you can’t just search for the offending code, it’ll be hashed or disguised as serialized php, 2. it may not even be in the code, it might be in the sql database, 3. they tend to look for files labeled index.* in my experience i.e. index.php etc. 4. backup the site first, even with the malware in it, as you may need to wipe your entire website. 5. If you’re not fairly expert, and familiar with reading code, including php, this is not something you’re likely to succeed at. 6. change all your FTP passwords immediately, then use a superior method to connect such as SSH / SCP; some hackers use “FTP port sniffers” which transmit the FTP data to a malicious party, who then just walks in and adds it, and 7. the hackers are even smart enough to hide the intrusion from you, if your PC is infected, which prolongs the lifespan of their hack, since you don’t see it, therefore, you’ll need several computers to work on this, ideally one of them linux (more virus resistant; macs aren’t virus-proof any more since they switched to intel chips).

Or, call us, or your Swift Consultant, and get a new site – we can clone your old one + upgrade it faster than you might expect (and fix the problem).

So the info below is really just removal of the message / warning. Here’s how to get Google to re-spider your website (and thus see that it’s been cleared).

1. Login to https://www.google.com/webmasters and add your site by clicking in the top right. On the next screen click “Alternate Methods” upper left, then “Add Meta Tag To Your Site’s Homepage” as you see below: Copy the string of gibberish (control-C to copy or right-click).

Malware Removal verify your website

2. In the control panel of your website, which is usually http://YOURPHONE.SwiftWebDesigner.com/wp-admin or http://YourPhone.SwiftCMS.com depending on your website, go to Settings >> Fast Verification, and drop this into the box that says “Google”

3. Return to Webmaster Central and click “verify”. This may take 2-3 tries at first, be patient and let it run.

Next, you might see this:

Malware Removal this site may be distributing malware

.. so click “more details”… then if you’re sure it’s gone (it will be if it’s on our platform), click “Request a Review”.

A human will review your site, ensure it’s gone, then remove all the notices.

Done!

For Swift Clients, doesn’t this give you a sense of relief? Why not take a moment and recommend us on Facebook or Twitter?

For not-yet-Swift-Clients, why not give us a call and upgrade your website today? We can help.

Note: For people who need malware removal but don’t want to change their code, the initial consultation _starts_ at $500 minimum, and doesn’t include a guarantee of removal. Once your site is hacked, the offending party can “create secret trap doors” for themselves to get back in – it’s much easier to keep them out than it is to get them out once hacked.

malware removal, reported attack page, warning: something's not right here,
This entry was posted in Help. Bookmark the permalink.