“Whether you run a large multinational business site, a government site or your personal blog, having your site compromised is one of the biggest predicaments that we, as site owners, will ever face,” Maile Ohye, the tech head of Google’s developer programs in Google’s informational video, said. “The good news is that recovery is certainly possible; in fact, a nonprofit organization called StopBadware reports their tools and information have helped over 130,000 websites become de-blacklisted with the malware warning removed in the last three years. In tandem with groups like StopBadware, my webmaster support team and I hope to help you recover your hacked site.”
Ohye explained what it means for a site to get hacked; many users might be surprised to learn that websites are rarely attacked individually but, rather, vulnerabilities are typically found across many sites first by a hacker (yours included) before they are exploited.
“Like an infection that can enter through a small wound and spread to your entire body, once a hacker has found a way into a site by exploiting a vulnerability, you must assume they can now perform any action on the site, like adding spammy text or even malicious software,” Ohye said. “Some of the more common ways that a hacker can invade a website include exploiting out-of-date or insecure software, stealing login credentials or installing malicious software called ‘malware’ on your personal computer that then steals login credentials when you access your website.”
As one might assume, hackers typically hack for financial gain, which is achieved by either adding spammy content to your site -- linking to their site while leveraging your site’s plugins and reputation -- or distributing malware, which is much more dangerous.
“Being hacked with malware can be especially harmful, because not only is your site affected, but the malware code allows the cybercriminal to use your site as a host for also infecting your visitor’s computers,” Ohye said. “Once malware is installed on various users’ computers, cybercriminals, again motivated by money, can perform rogue actions like stealing login credentials for online banking or financial transactions.”
Google offers key approaches to recovering a hacked site, which involves either doing it yourself (if you believe strongly in your technical skills) or consulting trusted, outside experts if most technical tasks are beyond your scope.
“It may not be easy, but once you -- either by yourself or with the aid of your support team -- can identify the vulnerability, fix the problem and complete the review process, your site may return online even more robust.”
Google offers an eight-step recovery process for victims of hacking, including ways to quarantine your website, assess the damage, identify and fix the vulnerability that got you into trouble in the first place and request a review to ensure your website isn’t also perceived by Google as spam.
Watch Google’s overview video about hacking below, but check out the company’s full hacked resource for webmasters for more information.