Clean malware from a WordPress website in 2019



These days a lot of WordPress websites are getting infected by malware and adware. What the attackers basically do is redirect the WordPress site to some random third-party website which is full of ads, or sometimes they spread a virus or other malicious files to the visitors. This mostly happens because the creators of WordPress-based websites are often beginners who don't know much about security.

Last month a person reached out to me saying that his WordPress website was infected and asked me to help him out. When I checked the website I found that an attacker had added a few lines of code to his website which redirected the visitors to some other website. You might be wondering what the attacker gains by doing this.

Well, the attacker redirects the visitor to his malicious website, which is full of ads, and if he redirects about 10,000 visitors per day, he will earn a good amount of money. So when this person gave me access to his website, I first looked into how the site got infected.

Here is how his website got infected:


He used a very weak and well-known username and password. There are attackers who run scripts which automatically scan for WordPress-based websites and try random passwords, and if they get access they automatically insert the code. The same thing was happening in this case too. So I quickly removed the malicious code and changed the password, and things got all right.
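The password guessing described above shows up in the web server's access log as a burst of POST requests to wp-login.php from one address. The Python below is an added example, not code from the cleanup described in this post; the log lines are constructed, and it assumes stock WordPress behaviour where a failed login answers 200 and a successful one answers 302.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed access-log lines; the addresses come from documentation ranges.
_FMT = '%s - - [12/Mar/2019:10:%s +0000] "%s HTTP/1.1" %d 3021'
SAMPLE_LOG = "\n".join(
    [_FMT % ("203.0.113.7", "00:%02d" % s, "POST /wp-login.php", 200) for s in range(0, 12, 2)]
    + [_FMT % ("203.0.113.7", "00:14", "POST /wp-login.php", 302),
       _FMT % ("198.51.100.20", "05:00", "POST /wp-login.php", 200),
       _FMT % ("198.51.100.20", "05:20", "POST /wp-login.php", 302),
       _FMT % ("198.51.100.20", "05:21", "GET /wp-admin/", 200)]
)
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')

def login_posts(log_text):
    """Yield (ip, time, status) for every POST to wp-login.php."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if m["path"].split("?")[0].endswith("/wp-login.php"):
            ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
            yield m["ip"], ts, int(m["status"])

def find_bruteforce(log_text, threshold=5, window=timedelta(minutes=1)):
    """Return {ip: {"burst": n, "success_after": bool}} for addresses guessing passwords."""
    by_ip = defaultdict(list)
    for ip, ts, status in login_posts(log_text):
        by_ip[ip].append((ts, status))
    report = {}
    for ip, events in by_ip.items():
        events.sort()
        fails = [ts for ts, status in events if status == 200]  # assumed: 200 = failed login
        burst = start = 0
        for end in range(len(fails)):
            while fails[end] - fails[start] > window:
                start += 1
            burst = max(burst, end - start + 1)
        if burst >= threshold:
            # A 302 after the failures means a guess probably worked: treat the site as compromised.
            success = any(status == 302 and ts > fails[0] for ts, status in events)
            report[ip] = {"burst": burst, "success_after": success}
    return report
```

An address reported with success_after set to True is the case from this post: the password has to be changed and the files checked for inserted code.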

If your WordPress website ever gets infected by malware too, here is how you can clean it:

Scan your Website


This is a very important step. First scan your website to see if any backdoor or vulnerability exists in it. Scan your website to see if it redirects to some other website. Also, check that you are using the latest version of WordPress.

Backup your sites, files, and database


Always try to make a full site backup at least once a month so that even if it becomes impossible to fix your website you can restore it from the backup. You can back up your website files with FTP, cloud, etc. There are a lot of free plugins to do so.

Check the backup files


Things might get really tricky if your backup file itself contains the malware, so always check that your backup is free from malware.

Format WordPress files and folders


Log in to your cPanel, go to the location where you have WordPress installed and delete all the WordPress files there. Mostly the WordPress files will be in the public_html folder.

Reinstall WordPress


Get the one-click WordPress install option from your provider. Get an overview of installing WordPress on the server. Fill in the necessary information like admin name and password, and click the "Install Wordpress" button.

Change your WordPress login password


While installing you will be given an option to set a password. For better security, it is advisable to set a new password that you have not used so far on your website.


Reinstall themes and plugins


Download a fresh copy of the theme from the backup or you can use the default theme of WordPress. Once the theme is installed, you can install all the needed plugins once again.

Restore your WordPress files and database


Backups created by popular backup plugins like BackupBuddy and UpdraftPlus can be restored by using the same plugin. Use the plugin to restore the files and database.

Scan Again


After all the above steps are done you will have the site up and running once again. Just to check that everything is all right, do a full site checkup to make sure that the site is completely free from malware. The best tools to check for malware in WordPress are: Unmask Parasites, Sucuri Site Check, Norton Safe Web, etc.

Clear Google Warnings


After the above steps are done, your website will be completely free from malware. Now submit the blacklist removal request to Google to review your site. Navigate to the Crawl tab in Search Console, click the Fetch as Google section and then the "submit the website to index" button below.

After following these steps your website should be completely free from malware in most cases. If it's not, then contact your service provider or get help from some professionals.
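For the scan, backup check and re-scan steps above, a file-level check can flag the kind of injected redirect code this post describes, whether in the live site folder or in an unpacked backup. This is an added example, not one of the tools named in the post; the indicator patterns, the sample files and the ads.example.invalid host are constructed assumptions.

```python
import os
import re
import tempfile

# Heuristic indicators picked for this example; not a complete signature set.
INDICATORS = {
    "obfuscated-eval": re.compile(rb"eval\s*\(\s*(base64_decode|gzinflate|str_rot13)\s*\(", re.I),
    "js-redirect": re.compile(rb"(window|document)\.location(\.href)?\s*=\s*[\"']https?://", re.I),
}
SCANNED_EXT = (".php", ".js", ".html", ".htm")

def scan_tree(root):
    """Return sorted (relative_path, indicator) findings for a site tree or unpacked backup."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            # PHP under uploads/ is suspicious by location alone: that folder should hold media.
            if rel.startswith("wp-content/uploads/") and name.lower().endswith(".php"):
                findings.append((rel, "php-in-uploads"))
            if not name.lower().endswith(SCANNED_EXT):
                continue
            with open(path, "rb") as fh:
                data = fh.read()
            findings += [(rel, label) for label, rx in INDICATORS.items() if rx.search(data)]
    return sorted(findings)

def build_sample_site(root):
    """Write a small constructed tree: one clean file and three that should be flagged."""
    samples = {
        "index.php": b"<?php require __DIR__ . '/wp-blog-header.php';\n",
        "wp-content/themes/demo/header.php":
            b"<?php wp_head(); ?>\n<script>window.location.href='http://ads.example.invalid/';</script>\n",
        "wp-content/themes/demo/functions.php":
            b"<?php eval(base64_decode('ZWNobyAxOw==')); // constructed; decodes to: echo 1;\n",
        "wp-content/uploads/2019/03/cache.php": b"<?php echo 'constructed placeholder';\n",
    }
    for rel, body in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(body)

def demo():
    """Build the sample tree in a temp directory and scan it."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_site(root)
        return scan_tree(root)
```

Point scan_tree at the extracted backup before restoring it and at public_html after the reinstall; a hit is a reason to open the file and read it, since legitimate themes can contain redirects too.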

Freelancers on Fiverr and Freelancer.com are baited with job offers to download malware



Freelancer.com and Fiverr are two of the most popular freelancer platforms on the internet. Thousands of people visit these websites to get jobs or get their work done. And wherever a lot of people gather, hackers make it their target. Cybercriminals are targeting freelancers in a new malware campaign, sending malicious macros disguised as job offers.

Security researchers at MalwareHunterTeam have discovered a new piece of malware that is targeting freelancers.



In one example, the threat actors sent an email asking the intended victim to check the attached document and then get back to them with a “cost and time frame,” while in another example the threat actor sent over a document entitled “My details.doc,” which also contained malware.

Once the document is opened, the recipient is asked to enable macros, which work as a malware dropper. MalwareHunterTeam has urged users to refrain from enabling macros and to keep their anti-virus software activated when digging into new files. For instance, one of the victims who had their anti-virus software enabled was able to detect the malicious document.

Beware, Fake Facebook Apps could serve up malware or steal your personal information



Most of the time we see our friends use various Facebook apps like 'top 5 friends', 'Your crush', 'people who have visited your profile' etc. Sometimes these apps are fun and sometimes quite annoying too.

We use these apps just for fun and once we get the result we often forget about it. But have you ever wondered why someone out there spent lots of time creating the app? And that too without any profit? Well, there are many profits.

Why are these apps created?

1. To earn money from ads

Whenever we try these apps, we are redirected to their websites, which most of the time are filled with multiple ads. This is one of the main reasons why these apps are made. The app developers want users to go to the site so that they earn from the ads that are present on their site.

2. Earn money from affiliate

Also, these sites are filled with affiliate links: as they know the interests of the visitors, they can easily sell targeted products and earn from it. Affiliate marketing is the process of earning a commission by promoting other people's (or companies') products. You find a product you like, promote it to others, and earn a piece of the profit for each sale that you make.

3. Steal your personal information


These apps are mainly used to steal personal information. Whenever you try these apps they will ask for authorization which looks something like this.


Now most of the time they ask for a few permissions which are not actually required, and giving them these permissions can be very dangerous. For example, if an app asks permission to access your inbox, it can be very dangerous as they can read all your messages and can also send messages on your behalf.

4. Spread malware


Once these apps get permissions like 'they can post on your behalf' or 'they can comment on your behalf', they start to spam with the help of your account. You might have seen the comment sections of some popular pages filled with recharge site links. These comments are actually made by these apps via users' accounts.

How to protect yourself from these apps?



There are many apps available which promise to do fancy stuff. Always be careful while giving permissions to such apps. If an app requires permission to access your inbox, albums, phone number or status updates, chances are that it's a fake app and they are just collecting information about you and will use your account to spam others. Never use 3rd party apps which are not required.

But if you are already affected by any such apps, then follow these steps to recover your account.

1. Go to your account and click on settings.

2. Now click on the apps option present on the left side of the page.

3. Now you will get the list of all apps that you are using. Remove the apps which you are not familiar with.

Once you’ve removed the app or game, it should no longer post to your Timeline. If you still see a past story, you can remove it manually.

As an added security measure, you should also change your password and do a quick scan of your computer with a reputable up-to-date anti-virus solution just to make sure the app didn't leave any other baddies on your machine.

Conclusion


Facebook apps are great, they can make most of the work easy for us, but many people are using these features for the wrong purpose, so we need to be very careful while using these apps. Also, most of the time we use unnecessary apps. If you want to know who your best friends are, you don't need any Facebook app to tell you that, do you? Just go out and talk to your friends and you will know it yourself. Do you really need to use an app to know who your crush is? I don't think so. Always use apps which are made by trusted sources.




 


How to remove unwanted popup ads

It often happens that whenever you browse or visit some website you get an unwanted ad popup which is very annoying, and it sometimes redirects you to some other site which has unwanted or inappropriate content. Malware is mainly responsible for such unwanted ads and popups. Most of the time, when we download a cracked version of some software or download things that we get in our emails (email ads), we unknowingly install this malware, which affects our computer. In this tutorial you will learn how to remove unwanted ads from Firefox, or how to remove unwanted ads from any browser.



Method 1 - Install a popup blocker called "Adblock Plus":

With this method you will also get rid of banner/video ads on a website/YouTube
  1. Go to https://adblockplus.org/en/ 
  2. Install the plugin
  3. Done

Method 2 - Clean up your browser with "CCleaner":

This will clean up the unwanted registry entries which are causing popups
  1. Go to https://www.piriform.com/ccleaner
  2. Download and install the software
  3. Open it and click on the "Run Cleaner" button (it will automatically choose the best settings to clean your desired web browser)
  4. Done

Method 3 - Remove unwanted software

Removing unwanted toolbars/software that are causing popups:
  1. Go to the control panel
  2. Uninstall it

What Can Be Done With A Hacked PC?

Some wild people say "Hey! I just hacked a PC!" Some may just fake it, but some may really have done it. So, what do they really mean when they say that? This article will discuss in how many ways a hacked PC can be used, and in later articles I'll be explaining each attack and how it works.

First of all, a PC can be hacked in many ways; it may be a PC, a server, whatever. But once it's compromised, that particular PC becomes the paradise of the attacker. There's a whole lot of harm that an attacker can do to your PC. Yes! Your PC or mobile that's connected to the internet can be compromised! That's why you should always keep your antivirus updated.

A broad view of all the attacks takes me to 8 categories:
  • Webserver
  • BotActivity
  • Virtual goods
  • Reputation Hijacking
  • Financial Credentials
  • Hostage Attacks
  • Account Credentials
  • E-mail Attacks
So, those are the prime 8. Take a look at the infographic that I made for brief details of each.
In further posts, I'll explain how these attacks work with Linux machines, because I am not really a very big Windows fan. Also, Windows machines are the most vulnerable to these attacks!
So, this post was all about you knowing what kinds of threats exist, and the first and best step a normal PC user can take is to update the antivirus software regularly.

If you have any questions, don't hesitate to post them in the comment section.

Fake Angry Birds Game spreading Malware from Android Market


Since last week, premium-rate SMS Trojans have surfaced in the Android Market. Google has pulled 22 apps that were masquerading as legitimate versions of popular games like Angry Birds and Cut the Rope. Security researchers have discovered a way to bypass an Android smartphone owner's permissions and access private data stored on their smartphone.

The Avast blog explains it this way: for example, if someone tried to look for “Cut the rope free”, this malicious application was in the fourth place in the search results. Apps published by the developer Miriada Production may look like well known Android games (Angry birds, Need for speed, World of Goo and others) and users could be easily confused.