How does a website infected by Google Attack?

As per our research following are the main reason to come Google Attack Page

First, it knows the files and their default locations of various FTP software, FileZilla, WS_FTP and many, many others. When users tell their software to save their logon credentials, it saves this information in a file on the computer. Then when you want to send an update to your website, the login information is already there.

The virus looks for these files, opens them, reads the information and then sends it to a server where it's used to login to the website with valid credentials. There's no need to "crack" the password. Which is why strong passwords aren't a defense in this case.

Second, the virus installs a keyboard logger. This variant is relatively new because earlier this year the hackers saw that everyone was telling people not to save their FTP username and passwords, so the hackers started installing keyboard loggers for those who type their passwords in each time. Same follow-through, the stolen information is sent to a server that infects the web site.

Third, the virus "sniffs" the FTP traffic leaving the PC. Since FTP transmits all data, including username and password, in plain text, it's easy for the virus to see the username and password, capture it, send it to a server and ... (you get the idea).

Fourth, and is the most recent, the virus will inject the malscript (the infectious iframe) into the FTP data stream as it leaves the user's PC. This latest variant is sneaky in that the website logs will show that FTP traffic originated from a valid source, with valid FTP credentials.

Was this answer helpful?

 Print this Article

Also Read

What is INODES limit?

An inode is basically a file - so say you had 1,000 images, that'd be 1,000 inodes. Every file (a...

What happens to someone abusing system resources?

The offending site will be suspended and the owner will be given an opportunity to fix the...

SQL injection, insertion

SQL injection is an attack where malicious code is passed to an SQL Server for execution. The...

The Ultimate Guide to Fixing and Recovering Your Hacked Website

Having your website hacked is one of the worst feelings in the world. It can do major damage to...