How websites become malicious

If your website became a nest of viruses and other malicious software, it could happen because of several reasons:

• FTP login and password are stolen (FTP infection)
• Website has XSS vulnerability
• Hosting server is hacked

Malicious Site

- website with malicious code inside. This code may harm visitor's computers. Usually malicious site includes some code which loads a pack of exploits for user's browser. These exploits load some trojan software, viruses and other malicious software (malware).

Malicious Site. How it happens.

Most likely your FTP password were stolen by some malicious software with FTP-grabber functions.

FTP grabber

- type of malicious software which steals FTP account information in an unnoticeable way.

FTP grabber may steal logins and passwords from two sources:

Config files of FTP client software. Malware searches for config files and tries to find authentication information inside them. FTP grabber has some database with the knowledge about the most popular FTP-clients: file names, file formats, ways of account information decoding (if it is encoded).

Internet traffic sniffing. FTP grabber may control your internet traffic and catch FTP authentication information while you log in to your FTP server. In this case it is not important which FTP-client you use. If you use FTP protocol it means that authentication data is transferred to server in open text format. This data may be captured by any traffic sniffer.

Your neighbor also may peep your password and insert some harmful code to your site and refer it into Malicious Site category. If your neighbor is not an angry hacker or a spy be sure that your account was stolen by some malware. And most likely you are not alone with this trouble but you will have to solve it on your own.

Malicious Site. Solution.

If you suspect that your FTP account is stolen, try to use the following solutions:

• Check your own computer for viruses and other malware (install/update antivirus).
• Change FTP password.
• Use encrypted sFTP protocol instead of FTP or any other encrypted channel.
• Try to change FTP software and choose any unpopular client.
• Close FTP access and use some alternative way to manage website files.

If a problem of Malicious Site appears again this means that FTP infection is not a reason. There are other causes:

• Website's scripts have Cross Site Scripting vulnerability.
• Server of hosting provider is hacked.

To be continued...

Aliaksandr Hartsuyeu – www.eVuln.com

Latest information about Malicious Websites

22.02.2012 11:58 OWASP Report finds an average of 9300 malicious websites per day in fourth quarter 2011 - North America is home to ... details >>

22.02.2012 02:01 New McAfee Threats Report shows malicious sites nearly double, while mobile malware continues to grow: details >>

22.02.2012 01:45 Mcafee Threat report found an average of 9,300 malicious websites per day in fourth quarter 2011 details >>

22.02.2012 01:01 OWASP US home to largest number of malicious sites: Report - malware, fraud and insiders has more than doubled ... details >>

21.02.2012 23:01 US home to largest number of malicious sites: Report: 2011 witnessed 75m unique malware samples, according to se... details >>

21.02.2012 23:01 Computer Business Review: US home to largest number of malicious sites: Report - via

21.02.2012 21:42 As Malicious Site Marked by Microsoft Accidentally. For more just visit

21.02.2012 16:31 Microsoft mistakenly flags Google as malicious site - Technology ...: If you're using Internet Explorer to brows... details >>

21.02.2012 14:31 News: Microsoft mistakenly flags Google as malicious site details >>

21.02.2012 13:44 Mobile Malware On The Move, McAfee Report Says: Report finds an average of 9,300 malicious websites per day in f... details >>

21.02.2012 08:51 McAfee Q4 Threats Report Shows Malware Surpassed 75 Million Samples in 2011: Malicious Sites Nearly Double, whil... details >>

21.02.2012 08:51 Average business facing 5,000 Web attacks monthly, bares Blue Coat report: Malicious sites increased 240% in 201...

21.02.2012 07:44 Phishing, Fraudulent, and Malicious Websites details >>

20.02.2012 22:23 SaadRA: The latest report from McAfee only reinforces findings that mobile malware and malicious sites are repro... details >>

20.02.2012 08:26 Free Online Tools for Looking Up Potentially Malicious Websites

17.02.2012 10:49 You can't come up with this stuff! Microsoft mistakenly flags Google as malicious site: details >>

17.02.2012 09:49 Microsoft Mistakenly Flags Google as Malicious Site | Anti-Virus ...: Microsoft's anti-virus and security softwa... details >>

17.02.2012 06:43 Wow! Microsoft security patch flagged google as a malicious website! Read about it at details >>

17.02.2012 03:13 Microsoft Accidentally Marked WebProNews details >>

16.02.2012 18:50 If they'd thought of this in 2002, MSFT would be at $100 - Microsoft mistakenly flags Google as malicious site details >>