WordPress sites being hacked by “Adsformarket” scripts
January saw many sites attacked by automated hackers looking for websites with vulnerabilities they can exploit for personal information.
Some of these hackers attack websites to siphon personal and financial information, which they can attempt to use for financial gain.
Common activities include:
- Obtaining email addresses to send spam.
- Installing malicious code and software, which may result in forms of payment.
- Redirecting visitors and website traffic to other websites, often ones where they are set up as an affiliate, which may create funds for them.
Whilst being one of the best content management systems out there, WordPress, like any open source content management system, does have vulnerabilities when not correctly maintained.
In this case, a number of clients who were self-managing their accounts, and who had not kept up with internet security, backed up the website or completed the needed website maintenance, were the hardest hit.
But what on earth does “correctly maintaining your WordPress website” mean?
“Self-Managed WordPress Websites” are basically WordPress websites that have been built for you, whereby you take over the responsibility of maintaining the website, ensuring the website is running the latest versions of each of its components and making relevant changes as needed to the pages and page content.
Correctly maintaining your WordPress website means keeping the WordPress software and its plugins and themes regularly updated. It means making a regular backup of the website files and the database. It means making sure you’re not using the default settings for things like login credentials, or non-secure settings, and using plugins that are regularly updated by their developer.
You can also look to utilise more advanced strategies like customising your WordPress database table names to make them unique, changing your SALT keys regularly and, if you are implementing new functionality for your website, making sure you’re using tested and regularly updated plugins and themes.
I think my WordPress website got hacked / How can I tell if I’ve been hacked?
There are 3 main characteristics we’ve seen of late with websites that have been hacked; some are more obvious than others. Hackers have accessed the websites, injected malicious code and modified files, resulting in:
- onscreen errors,
- search engines such as Google identifying the site as containing malicious code or marking it unsafe,
- or, most commonly, a series of codes injected into the website that force visitors to be redirected to unsafe and undesired websites.
AdsForMarket – WordPress Website Attacks
One of the primary redirects or spam codes injected into some of these websites was for a domain called “Adsformarket”.
The adsformarket domain is owned by a private entity and was registered through the domain provider Eranet, whom I’ve contacted to ask them to look at what their users are doing. However, hackers can easily change their domain names and use the same scripts elsewhere. Whilst we can try to have these creators dealt with, it’s hard to prove and it won’t entirely stop them from doing this again. So the best way to counteract this is to implement stronger security measures.
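A file scan for the injected redirect described above, as an added example that is not part of the original post: it walks a WordPress directory and lists every line in a PHP, JavaScript, HTML or .htaccess file that mentions the injected domain name. The "adsformarket.example" host, the sample files and the function names are constructed for illustration.

```python
import os
import tempfile

# Indicator string from the article; add entries when the redirect domain changes.
INDICATORS = ["adsformarket"]
# Scanned file types (assumption: injected redirects sit in served or executed text files).
EXTENSIONS = (".php", ".js", ".html", ".htm", ".htaccess")


def scan_file(path, indicators=INDICATORS):
    """Return (line_number, indicator, snippet) for every matching line in one file."""
    hits = []
    try:
        with open(path, "r", encoding="utf-8", errors="replace") as handle:
            for number, line in enumerate(handle, start=1):
                for indicator in indicators:
                    if indicator.lower() in line.lower():
                        hits.append((number, indicator, line.strip()[:120]))
    except OSError:
        pass  # unreadable file: skip it instead of aborting the scan
    return hits


def scan_site(root, indicators=INDICATORS):
    """Walk a WordPress directory; map relative path -> hits for files that match."""
    findings = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(EXTENSIONS):
                path = os.path.join(folder, name)
                hits = scan_file(path, indicators)
                if hits:
                    findings[os.path.relpath(path, root)] = hits
    return findings


def demo():
    """Scan a throwaway site built from constructed sample files."""
    samples = {  # constructed content, not taken from a real infection
        "index.php": "<?php\nrequire 'wp-blog-header.php';\n",
        "theme/header.php": "<head>\n<script src='//ADSFORMARKET.example/x.js'></script>\n",
        "uploads/logo.png": "adsformarket",  # not a scanned file type, so skipped
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, text in samples.items():
            full = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "w", encoding="utf-8") as handle:
                handle.write(text)
        return scan_site(root)
```

Call scan_site() with the path to a copy of the site, and add further strings to INDICATORS when the redirect domain changes. A clean result is not proof the site is clean, since injected code is often encoded; comparing the files against a fresh WordPress download covers that case.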
I make note here: NO WEBSITE IS 100% HACK PROOF. However, we can make various modifications to help strengthen the website boundaries, and with regular maintenance, website backups and updates, website owners can decrease the downtime and the cost it would take for their websites to be recovered.
Getting help – if you think your WordPress website has been hacked:
If you think you may have been hacked or you’d like some help with your website, Natalie Crowe Designs is happy to work with you to address the issue.
Please contact us or give us a call to discuss your options: 0423285233