Website Security: A Case of SEO Poisoning

There are so many ways your website can be co-opted by hackers for many different reasons, targeting the value created via your SEO is highly attractive. It provides an attacker the opportunity to cheat the system by quickly benefiting from your raw traffic, your audience. In this post we will share details of a recent case in which an attacker leveraged a websites organic traffic to funnel, steal, traffic to their desired pages.

What is SEO Spam

SEO Spam is designed to use your search terms and traffic against you by infecting your sitelinks with references and links to things not on your site. This is highly effective in impression based affiliate marketing, in which the marketeer gets paid by impression. It’s what made the Pharama Hacks so lucrative a business. As this model continues to spread, into things like Fashion, Online Gambling, Payday loans we’ll likely continue to see an evolution in the employment of SEO Poisoning attacks.

Read More

SiteCheck Extended – Making It Easier to Scan Your Websites

Sucuri SiteCheck is our free website malware scanner that crawls any website to detect signs of Malware injections, SEO Spam, Blacklisting, Defacement and other similar indicators of a compromised website.

It is widely used by Webmasters to verify if their sites have not been compromised or blacklisted. And now we’re extending it to other platfroms, by making it easier to use from multiple devices and products.

Please be sure to take a minute to understand how SiteCheck works, then leverage it on your own web properties to show visitors that your site is malware-free.

Read More

SiteCheck Chrome Extension Now Available

Have you ever wondered if the websites you (or your family) visit contain code that is potentially harmful to you or your computer? If you are a Chrome user, then you’re in luck because we’ve made it much simpler for you to utilize SiteCheck, our website malware scanner. Whether you want to scan your own website or check up on other sites, install our new Chrome extension to make it easier. If you love the extension, let us know in the comments and make sure to tell your friends about this cool new tool.

All right, we’re done selling the benefits of this thing so here are the instructions to install it and try it out for yourself:

First, install the extension from the Google Chrome Web Store.

Next, you’ll be asked to allow access to your webpages. Once you do that, you’ll notice the little Sucuri “S” embedded on the right of your toolbar.

SiteCheck Extension

Finally, to scan any site you’re visiting, just click the Sucuri “S” and our sitecheck will scour the site and return results to you in no time. If you’re visiting a site infected with malware, you will receive a warning like the one below.

SiteCheck Extension - Warn results

Some Technical Details

It’s important to remember that you will need to choose to scan sites when you visit them and that this extension will not automatically scan every site you visit, nor will it prevent you from visiting an infected or blacklisted site (though you could quickly find out if you were on such a site). Our goal is to help consumers of the web as well as webmasters by providing a tool to scan any site on the web without referring back to SiteCheck each time.

Finally, remember that this extension will not automate scans of any website. If you’re in need of consistent monitoring and alerts, just sign up for one of our website protection or prevention plans and let us keep your site malware-free.

Sucuri SiteCheck Malware Scanner Plugin for WordPress

If you’re a WordPress user, love our free SiteCheck scanner, or already use our free SiteCheck Malware Scanner Plugin for WordPress, we have an update for you.

Sucuri Security - SiteCheck Malware Scanner

Read More

Joomla Pharma Hack – Web Malware Removal

In my last SEO poisoning post I wrote about some really nasty conditional malware. In this one, we’re going to revert our attention to the more common variation of the attack, and look at the Joomla CMS.

Joomla Pharma Hack

This variation will be the Pharma hack. As of late, it seems to be going on a rampage on a number of CMS applications and many of its characteristics are similar. The objective appears to be clear though, find its way into Google’s search engine result pages (SERP).

While we can only speculate, the idea is simple – The SERPs are a cached product and as long as they keep the injections benign of malware they increase their odds of bypassing detection until someone spots it and reports.

Read More

Ask Sucuri: How does SiteCheck work?

If you have any questions about malware, blacklisting, or security in general, send it to us: contact@sucuri.net and we will answer here. For all the “Ask Sucuri” answers, go here.


Question: How does SiteCheck work? I just scanned a site that I think is compromised but the scanner is showing it as clean. Is my site really clean or did you make a mistake?

Answer: SiteCheck is our free, remote website scanner that works to identify if the provided site is infected with any type of malware (including SPAM) or if it’s been blacklisted or defaced.

Read More