Spotlight: How StreetHunters Fixed a Website Hack

  • November 25, 2016

Two years ago, we started compiling reviews from Sucuri customers. Today we have over 60 case studies, most of them from web developers and designers. Interestingly enough, we also have a lot of case studies from photographers who run their own websites.

Our very first case study came from Spyros Papaspyropolous – street photographer, blogger, and Cofounder of the website StreetHunters.net. With a loyal following of street photographers and art enthusiasts, Spyros and his team offer insightful blog posts and rich image galleries.

Cause for Concern

One of the worst ways to find out that your website has been hacked is by hearing it from your visitors, customers, or readers first. Knowing that real people have already been impacted by encountering malware or blacklist warnings can come as a real shock to website owners. This is what happened to Spyros one morning in December 2014. A massive malware campaign called SoakSoak infected over 100,000 WordPress websites in a single weekend.

I got an email from one of my readers saying that your site has been reported for malware…

After hearing it from customers, Spyros had to check for himself. By this point, Google had blacklisted the site with a large warning to all visitors attempting to access the site.

I fired up Chrome and got the red screen. I felt I’d had a heart attack, you know? I felt that my readers would lose credibility in the brand immediately, and they would think that we don’t take security seriously, and we don’t take them seriously.

Cleanup and Reinfection

Having a background in web design, Spyros attempted to resolve the issue and clean up the files with the help of WordPress plugins and tools.

We take security very seriously at Streethunters.net and we do not leave things to chance. Our website had all the latest security patches installed when the attack took place and is also backed by a highly respected security suite since it first launched, keeping our data and [our reader] safe from almost all possible attacks.

At the time, the theme he used contained a vulnerable version of Slider Revolution (revslider). The developer had not yet patched his theme, leading Spyros to believe he had done all he needed to clean up the infection. With hours of manual cleaning, the Google blacklist lifted. Spyros slept soundly that night.

But here in Greece we have a saying: “Your luck works even when you are sleeping” which means that the world keeps on moving, sometimes to your disadvantage, even when you are asleep.

The next morning, the SoakSoak malware campaign had evolved and reinfected his site through the same vulnerable theme. This time, over 50% of his web files had been modified with malware injections.

Virtual Patching via Sucuri Firewall

Spyros read an article on Gizmodo where commenters recommended Sucuri. After signing up, Spyros received help quickly in securing his site and virtually patching the vulnerable theme. Upon activating the Sucuri Firewall, the attempts against the StreetHunters website were blocked and the threat neutralized.

As a curious web administrator, Spyros checked his Sucuri dashboard to see the number and rate of malicious requests that were blocked by the firewall.

I saw the firewall was really working well!

Paranoia

After finding Sucuri and recovering the StreetHunters website, Spyros wrote a blog post to tell his visitors how they had eradicated the malware threat and secured their site:

After this incident, we decided that we mustn’t just be serious about our security. We must be paranoid!!! There is just no other way to be safe. So with clean files to work on, we purchased a bundle of monitoring and security options from our new security partner, Sucuri. To put your mind at ease, we guarantee our security and to show it we have now placed a badge on our pages to let you know that we do not take these things lightly. So, feel free to safely surf the pages of our website once again!

For more information on how we provide complete website security for our clients, visit our website and chat with our Customer Happiness Team today.

Read the Full Street Hunters Case Study!

If you would like to be featured as our next customer case study, click the button above and fill in the form at the bottom of the page.

Alycia Mitchell has been Sucuri’s Marketing Manager since 2014. Alycia's main responsibilities include analytics and content strategy. Her professional experience covers 10 years of SEO and digital marketing for cybersecurity. When Alycia isn’t deep in spreadsheets, you might find her exploring nature. Connect with her on Twitter.

4 comments

  1. Hello Alycia! How are you? Haven’t chatted in 2 years 🙂 Shows how well the Sucuri tools are working in protecting our website. Wow, reading through your post brought back memories and mixed emotions. I am so glad we found Sucuri! Keep up the great work guys!

    1. Having been there two years ago myself, I know exactly how you feel. Thanks for the great feedback Spyros!

  2. They had a problem, they paid you to fix the problem, they became happy! Thanks for this wonderful informative blog post, it really provides a lot of valuable know-how!

Comments are closed.

Related Categories
You May Also Like