cancel
Showing results for 
Search instead for 
Did you mean: 

Possible hack or virus attack on my magento website

Possible hack or virus attack on my magento website

Hi Guys,

 

I badly need help as recently my host suspended my website due to possible " malicious" content on my website (they want me to remove it). i have no idea about it. this is the first time i encounted this issue.  The reported content is  yourdomain.com/crdt/index.html.

 

I like to check is the "/crdt/index.html" part of magento files or?

What should i do?

 

 

Looking forward for your kinds replys.

 

Thanks.

1 REPLY 1

Re: Possible hack or virus attack on my magento website

No, that is definitely not part of Magento so there is a very high chance that your website may be compromised. 

 

This can happen to any or all of the reasons below:-

  1. Your password for your hosting control panel or FTP may be stolen (can happen if your computer is infected with virus). 
  2. You are using an old version of Magento. 
  3. You didn't implement all the security patches for Magento. 
  4. You are using old or insecure extensions. 
  5. You are using old or insecure themes. 
  6. You have other applications like WordPress in the same hosting account and it's not updated to the latest version. 

What you need to do now is to clean up all the malwares in your hosting account. Here's a good guide to start:-

https://www.stopbadware.org/common-hacks

 

If you do not know how to clean up the malwares or do not have the time to do so, you can either:-

  1. Hire someone like a web developer or a third-party security company like Sucuri to clean it up for you. 
  2. Wipe everything clean and restore from a backup. 

Once cleaned up, you need to make sure that all applications, extensions and themes are constantly updated to the latest version or at least make sure that the Magento security patches are implemented. If you don't do this, you will be hacked again and again as the entry point for the hacker is not properly secured.