Google has flagged my site as containing Malware, how do I take care of this?

Avatar
  • updated
  • Answered

My website has been flagged by Google for containing Malware.  I want to know what kind of mitigation steps can be taken to discover, scan, or check for malware. 

Pinned replies
Avatar
Arn
  • Answer

Hello Side3Chase,


That page means that Google has flagged your site as possibly containing malicious links or code. Not all browsers will display it, as they may not subscribe to the Google service to check the page.

I was unable to find your specific website based on your login to our support site. So, I was not able to take a look at your files and see what may have triggered the Google alert. You may want to try reviewing your code yourself, or get a developer involved to remove the malware/injected code. Once the malware is removed, then Google will recrawl your site and remove you from the list when they see the code is gone. You can also request reconsideration from Google to try and speed up the process.


These types of hacks usually originate through FTP, which means the hacker logs in using your account name and password, drops links or redirects in various places in your file structure (mainly in .htaccess and/or index files) and leaves. They do this through automated scripts that they run every so often.


You may wonder how they get your username and password. This usually occurs from your side of things with small hidden software applications that feed information back to the hacker. These types of programs get onto your computer by riding on the backs of legitimate programs that are downloaded from emails, social networking, or even well-intentioned sites that are unaware of the programs hitching a ride. This way of infiltration can allow both PCs and Macs to be affected. These programs sit quietly and feed information to the hacker who then runs the script at intervals to place his links.


In order to protect yourself from these types of attacks there are a few things you can do, although nothing is 100%. First, update all your software to the most recent versions, particularly browsers, Operating systems, and other highly popular software such as Adobe Reader, etc... These are main targets for infiltration due to the sheer number of copies in use out there.


Then, run more than one virus/spy-ware scanner. These programs all verify against their own lists and they all have different items they look for and find.


Lastly, and probably the most effective, change your password often. Much like changing the oil in your auto, the more often the better, but there is no need to do it too often. Usually once every month or two will be fine. Ensure your password does not contain a word that can be found in a dictionary or a simple number sequence. Random numbers, letters, and symbols are best. Keep this password physically written down somewhere and not in a small text file on your computer that can be read from an intruder.


Again, nothing is 100% but this will indeed increase your security against repeated attacks.

If you have any further questions, please contact technical support or leave a comment at the bottom of the page.


Regards,

Arnel C.

Avatar
Arn
  • Answer

Hello Side3Chase,


That page means that Google has flagged your site as possibly containing malicious links or code. Not all browsers will display it, as they may not subscribe to the Google service to check the page.

I was unable to find your specific website based on your login to our support site. So, I was not able to take a look at your files and see what may have triggered the Google alert. You may want to try reviewing your code yourself, or get a developer involved to remove the malware/injected code. Once the malware is removed, then Google will recrawl your site and remove you from the list when they see the code is gone. You can also request reconsideration from Google to try and speed up the process.


These types of hacks usually originate through FTP, which means the hacker logs in using your account name and password, drops links or redirects in various places in your file structure (mainly in .htaccess and/or index files) and leaves. They do this through automated scripts that they run every so often.


You may wonder how they get your username and password. This usually occurs from your side of things with small hidden software applications that feed information back to the hacker. These types of programs get onto your computer by riding on the backs of legitimate programs that are downloaded from emails, social networking, or even well-intentioned sites that are unaware of the programs hitching a ride. This way of infiltration can allow both PCs and Macs to be affected. These programs sit quietly and feed information to the hacker who then runs the script at intervals to place his links.


In order to protect yourself from these types of attacks there are a few things you can do, although nothing is 100%. First, update all your software to the most recent versions, particularly browsers, Operating systems, and other highly popular software such as Adobe Reader, etc... These are main targets for infiltration due to the sheer number of copies in use out there.


Then, run more than one virus/spy-ware scanner. These programs all verify against their own lists and they all have different items they look for and find.


Lastly, and probably the most effective, change your password often. Much like changing the oil in your auto, the more often the better, but there is no need to do it too often. Usually once every month or two will be fine. Ensure your password does not contain a word that can be found in a dictionary or a simple number sequence. Random numbers, letters, and symbols are best. Keep this password physically written down somewhere and not in a small text file on your computer that can be read from an intruder.


Again, nothing is 100% but this will indeed increase your security against repeated attacks.

If you have any further questions, please contact technical support or leave a comment at the bottom of the page.


Regards,

Arnel C.

Avatar
Arn
Hello Side3Chase, I went ahead and scanned your site. Your .htaccess file had a code injection issue that was causing your site to come up as a flagged site. You will need to follow up with Google as we indicated earlier. And it is still suggested that you have a website developer go through your files to make sure that nothing else is affected. The URL for Google is: Contact Google for Re-consideration If you have any further questions, please contact technical support or leave a comment at the bottom of the page. Regards, Arnel C.