• We’ve been acquired by CloudFlare

    Published by Dr. Anirban Banerjee After 4 years, I’m pleased to announce that we’ve been acquired by CloudFlare, the website security and performance company. Our mission at StopTheHacker has always been to make website security dead simple for our customers. This acquisition brings end-to-end security to CloudFlare and enables StopTheHacker to benefit from CloudFlare’s global… Continue Reading »

  • Scheduled Maintenance

    Our service provider will be conducting scheduled maintenance on Wednesday, August 14th, from 11 AM to 1 PM PT. The maintenance will take approximately 1 hour. This maintenance will improve performance and security of our services. During this maintenance, some webpages at StopTheHacker.com may be unreachable or be served slower than usual. Logins to the… Continue Reading »

  • When Ads Go Wrong: Malware Attacks Embedded in Advertising

    Ads go wrong image

    The Problem With Rotating Advertisements Rotating advertisements are a staple of many websites today and can be a generous passive revenue stream when implemented correctly. However, some webmasters may not be aware of the risks that they may present. Along with having to protect themselves from inappropriate content and competing products, many webmasters will find… Continue Reading »

  • Website Malware Scanning vs. Vulnerability Assessment

    Good Better Best Signpost Representing Ratings And Improvement

    These days, computer viruses aren’t the only clear and present danger facing users. Today’s websites feature a vast number of vulnerabilities that make it easy for hackers to hijack and add malicious code. Attacks from malicious code samples including “W32.Downadup” and “W32.Ramnit” can infect visiting machines and compromise confidential data. Google’s latest update to its… Continue Reading »

  • 10 Simple steps to protect your Drupal site


    Web devs have seen many articles detailing how to secure popular scripts, but where’s the equivalent guide if you prefer the CMS Drupal? These steps are user-friendly, even if you’re new to the system. Keep up with each of these activities for every install to prevent hackers from authorizing your site. You’ll sleep better at… Continue Reading »

  • It’s Dangerous Out There! Website Security Trends

    Spreading Worldwide

    Website security has become a continuous do-loop of attackers exploiting vulnerabilities in software of ever-increasing complexity and software engineers developing new defenses and patches. It’s almost impossible to keep up with the cat-and-mouse game, but the United States Computer Emergency Readiness Team (US-CERT) tries to do just that through alerts and a blog of high… Continue Reading »

  • Hackers Slipping in Malware through Fake Groupon Mails

    groupon mail

    A guest article by Jane Andrew. Hackers, crackers and cyber fiends are deploying new tactics of getting through their malicious applications to the users these days. One such group is pushing fake Groupon discount emails yearning for the naïve users to fall for their trap and consider that those emails are sent from some of… Continue Reading »

  • StopTheHacker at HostingCon 2013 in Austin, TX


    We’re happy to announce that StopTheHacker will be participating at HostingCon 2013 in Austin, TX. HostingCon Is an Annual, ‘Must-Attend’ Event for a Broad Range of Web Hosting and Cloud Services Professionals of Every Level. HostingCon attracts more than 1,900 attendees from all areas of the hosted services industry from start-ups to global giants. Attendees… Continue Reading »

  • What happened when my website was hacked

    hard work

    A guest article from John McGarvey. He writes about subjects like IT security and web hosting for IT Donut. It all started one morning with a worrying email subject line: ‘Your portfolio page may have been hacked’. Inside was an unsolicited message from a friendly web developer, letting me know that my website’s usual portfolio… Continue Reading »

  • How to set up Server-Side Scanning for your website

    server-side 1

    The new server-side scanning features are available with release 3.7 and includes the following new features within the Professional and above editions: Phishing Page Detection PHP Spam Shell Detection Webpage Defacement Detection Insecure Folder Permissions Detection .htaccess Hack Detection Website Error Reporting For detailed information on the individual features, please check out our Feature page… Continue Reading »

  • Microsoft Hacked – Method similar to Apple and Facebook Attacks


    Microsoft has announced yesterday via its Security Response Center blog that it has been attacked and hacked with methods similar in nature to those experienced by Apple and Facebook recently. All attacks were perpetrated by utilizing a zero-day Java vulnerability. Microsoft reported that a small number of its computers, including some in its Mac software business… Continue Reading »

  • Zendesk Hacked – Tumblr, Pinterest and Twitter Users affected


    Zendesk, the customer service software provider with 25.000 customers, yesterday announced a security breach that affects users of Twitter, Pinterest and Tumblr. According to Zendesk, email addresses of users who have contacted Twitter, Pinterest or Tumblr for support have been downloaded by the hackers. Wired reports passwords were not part of the breach but that some customers may… Continue Reading »

  • Quick tips for removing malware from Joomla


    Joomla has become a preferred CMS to develop websites. While a number of apps and functionalities help you attain customized visage to your website, ensuring security against Malware attacks is equally necessary and you know it’s hard to ignore. Removing malware from your Joomla website will ask for a number of modifications and other features… Continue Reading »

  • StopTheHacker Introduces Server-Side Scanning – Release 3.7 Available Now!

    Server-Side Scanning 1

    Today we launched an extensive upgraded version of its award-winning suite of website protection services, forming its platform into a holistic one-stop-shop for website security. Key features of Version 3.7 incorporate extensive improvements designed to go even beyond the standard approach of website security: Detection of phishing pages to prevent hackers from using customers’ accounts… Continue Reading »

  • Quick tips for removing malware from osCommerce

    Quick tips

    Malware attacks are no longer things that PC owners on server maintenance officers have to fear. Website owners are currently also victim to this deadly attacks propagated by hackers. Incase your website is hit and for some reason you did not have backup, there are several things that you should consider doing to make sure… Continue Reading »

  • Join us at Parallels Summit 2013 – February 4-6, 2013

    Parallels Summit Exhibitor

    As an Exhibitor sponsor at Parallels Summit 2013, we invite you to join us in Las Vegas, February 4-6 for this exciting event. The Parallels team has put together a great lineup of keynote speakers, breakout sessions and networking opportunities. By gathering the brightest and most innovative minds in the industry, Parallels Summit makes it easier… Continue Reading »

  • The Grinch Chronicles: 2012 and Data Theft

    Santa gegen Grinch

    A guest article by Jane Andrew. While we revel in the merry spirit of Christmas as the year ends, somewhere in this world there is a large group of menacing Grinchs that are having a little celebration of their own. However, it is not because they have come up with yet another plan to steal… Continue Reading »

  • Deciding to use SSL – Which certificate type should you choose?

    SSL Certificate

    A guest article by Steve Waite, CEO, GlobalSign Americas An introduction to SSL There is still much confusion surrounding the trust and security of websites, but when building a web application that deals with any personal data, security is the first priority.  SSL provides a safe form for the transmission of data – like transferring… Continue Reading »

  • WordPress plugins – How to check for updates and install them

    How to check the WordPress plugins version? Plugins are tools to extend the functionality of WordPress. The core of WordPress is designed to be lean, to maximize flexibility and minimize code bloat. Plugins offer custom functions and features so that each user can tailor their site to their specific needs. To check the version of… Continue Reading »

  • The Marriage of SSL & Malware Monitoring

    GlobalSign Logo

    A guest article by Steve Waite, CEO, GlobalSign Americas As a security company we always encourage our customers to take a layered approach to security by understanding the risks and implementing appropriate solutions. GlobalSign is a CA, and we provide one component of such a strategy – SSL. As SSL is primarily used on webservers,… Continue Reading »

  • Removing Malware from a WordPress blog


    Malware is a type of software that attempts to steal your personal information or use your computer to do things that you do not intend. Malware infections quite often lead to harsh consequences, causing victim’s computer become slow or unresponsive. Malware is usually spyware, deceptive adware, etc. Common malwares are free screen savers that secretly… Continue Reading »

  • How to discover and remove malicious redirects in the .htaccess file


      In most of the cases malicious redirects are made by hacking the .htaccess file. Also, after cleaning up the .htaccess file the malicious code is being added back to the file within 30 minutes. This is being done with “backdoor(s)” the hackers have placed on the website files. Here is a step-by-step guide on… Continue Reading »

  • Consequences of your website being blacklisted by Google

    Safe Browsing Warning

    9.500 websites are blacklisted by Google on a daily basis due to malware infection. The malware infection are the results of a hacker attack on your website. When your website does get infected with malware there are devastating consequences: Your site gets blacklisted by major search engines, and this causes all major browsers like safari,… Continue Reading »

  • Special Offer: Get a free Application Vulnerability Assessment for your Website


    Worried your website is or might get infected by hackers? Find out if your website is vulnerable and more likely to be compromised by Hackers and malware attacks.  For a limited time only, we offer you a completely free application vulnerabilty assessment of your website. We check for web application vulnerabilities in most popular software… Continue Reading »

  • New product version 3.5 has been released

    StopTheHacker 3.5

    A host of new advanced features to keep your site safe from even more threats. Version 3.5 of our product went live yesterday, October 14th. The new release 3.5 brings the following improvements and new items for you: McAfee and Symantec Norton blacklists integrated in reputation monitoring service - More info Auto cleanup now cleans up hidden… Continue Reading »

  • How to change WordPress password without having the access to wp-admin


    There may happen certain incidences like for some reason if your site is hacked, or something else, you are no longer able to login to your admin panel using the login information, and you are not able to reset the password via email. But, you want to change the password immediately. In situations like this… Continue Reading »

  • Reputation Monitoring now includes McAfee & Symantec data

    Five stars

    StopTheHacker now provides you with even more critical information about your website! Find out if your website is blacklisted by McAfee and Symantec/Norton, the two big Anti Virus companies. StopTheHacker’s reputation monitoring scan, part of every package available from StopTheHacker now includes data from these large security companies. StopTheHacker’s reputation monitoring service helps you take control… Continue Reading »

  • Webinar – Tips and Tricks on Website Security

    Website Security Webinar

    Yesterday we hosted our first free webinar on website security tips and tricks together with our friends from Stopbadware.org. The goal was to provide an overview of important tips on why website get hacked and blacklisted and what website or blog owner can do to protect their website. The webinar was moderated and presented by… Continue Reading »

  • 10 tips to make your WordPress blog secure

    WordPress Saftey

    Easily one of the most popular blogging platforms preferred by the amateur and professional alike, WordPress has many advantages over its competitors. However; its relative ease of use and many attractive themes and capabilities must be enhanced by WordPress security and protection, so that your website doesn’t fall victim to malware attacks that exploit weaknesses… Continue Reading »

  • What is PHP Malware? And how to protect your WordPress blog against it

    PHP Code

    While blogging hasn’t replaced baseball as the national pastime, it’s safe to say that it’s made the Top Ten List. The internet has become a catalyst for this infectious hobby, but that’s not the only infection it’s spreading. WordPress Blogs are a prime target for hackers to unleash their latest malware (malicious software) creations. Over… Continue Reading »

  • Vulnerability Patching is only the first step – why malware monitoring is necessary

    Secure Website

    So you just downloaded the latest patch to protect your website from the latest hacker-developed malware or virus. Congratulations. Your site is protected. Now you can sleep easy … for a minute, anyway. The truth is, getting the latest patch is only the first step in protecting your website from the myriad viruses and other… Continue Reading »

  • Disadvantages of signature based web malware monitoring

    End Of Road Sign

    When it comes to your website, nothing is more important than security. Monitoring and protecting your website against malware attacks is all that stands between a functional, working website that meets your needs and a domain name that’s dark, broken or worse: embarrassing for your brand or you. The good news is that when it… Continue Reading »

  • First Steps You Should Take on How to Become a Hacker for the Good Side of the Force

    Being a security professional, or white hat hacker, is not a job that is easy. Anyone who wants to find work in the IT security field needs to have a lot of sincerity, dedication to learning, knowledge, ability to explore the thinking and the ability to think outside of the box. For people who want… Continue Reading »

  • Five of of the Worst Viruses You Haven’t Heard Of


    It’s hard to imagine a world without computers, mobile devices or the Web. Cyber criminals and malicious hackers know just how important these tools are to not only work, but everything we do in our personal lives as well. And because we rely on them so heavily, they are a prime target for attack. Viruses… Continue Reading »

  • Malware That Affected Facebook Users

    Facebook Safety

    Statistics released by BitDefender in 2010 showed that 20 percent of Facebook’s users at that time were exposed to malware being distributed through malicious posts. Even as people are more aware of malware being spread via Facebook, that number still hovers at 20 percent according to ZoneAlarm. Over time, Facebook has seen quite a few… Continue Reading »

  • Five Most Famous Good Guy Hackers


    The term hacker really carries some negative connotations thanks to the media. Whenever there is an act of cyber crime the news media is quick to point out that hackers are responsible. Movies portray hackers as evil geniuses locked away in rooms as they navigate their way through mazes in cyberspace. Even heroes in books… Continue Reading »

  • How Malware Infects Websites

    Effects of a malware infection

    We all know that earning a spot on the Google blacklist can be devastating to your business. If your web site is infected with malware then a visit from Google’s quality control team is sure to follow. Once they determine that a site is potentially harmful to visitors, they aren’t too keen on sending visitors… Continue Reading »

  • History of Malware


    When it comes to malware, history tends to get a bit fuzzy. Different web sites make different claims as to which piece of code is considered the first virus based on any number of variables such as replication, operating system and potential for damage. So instead of debating as to what constitutes malware or who… Continue Reading »

  • Cleaning up malware-infected WordPress sites

    Web-malware – a relatively new kind of threat, is sweeping the internet right now. Thousands of websites are compromised every single day, leading to an average of 7 – 10 days of lost revenue, immeasurable stress and damage to reputation. When websites get infected with Web-malware, it takes days to clean. In this article, we… Continue Reading »

  • How to: StopTheHacker Trust Seal

    StopTheHacker Trust Seal

    We have launched a completely new trust seal, one that clearly conveys the safety status and last scan date of your website. This new trust seal also projects an invaluable sense of trust to your website’s visitor. In this article we provide information on how to get access to the trust seal. New Trust Seal… Continue Reading »

  • How to: Use the new StopTheHacker Dashboard


    This article describes how to use the new dashboard with details on the new design, new features and why they are in place. If you rather like to watch a video then reading through this article, we have prepared a video on the new dashboard for you as well. New Dashboard  Our new dashboard allows… Continue Reading »

  • Check out StopTheHacker’s New Dashboard and Trust Seal

    StopTheHacker has completely redesigned its dashboard. It’s faster, easier to use, more intuitive and easy on the eyes. Yes, we have tried to make the customer experience for our community of security conscious website owners better. This dashboard allows customer to get access to frequently used features more easily, cutting down the amount of time… Continue Reading »

  • Best Way to Protect Your WordPress Blog from Malware

    In April over 700,000 Macs were infected with the Flashfake, or Flashback, malware. These computers were infected because the user visited any one of the 100,000 WordPress blogs that contained the malware and infected their visitors via drive by download. These numbers only reflect the damage done by one single strain of malware, and as… Continue Reading »

  • LinkedIn Security Breach!

    Security Breach At Yet Another LARGE Corporation – LinkedIn Users Beware June 6, 2012 As of this afternoon, one of the world’s largest professional networking sites has retracted their earlier denial of any security breach of 6.5 million of their users’ account passwords to confirm the rumors. The company has invalidated the passwords of affected… Continue Reading »

  • StopTheHacker Customer Case Study: La Vie Céleste


    La Vie Céleste is an all-natural, anti-aging skin care line that provides commercial quality skin care at affordable prices. Founded and led by Dr. Teri Dourmashkin, who holds her Doctorate in Health Education, the La Vie Céleste skin care collection is known for featuring the finest ingredients that nature has to offer. Committed to health and… Continue Reading »

  • StopTheHacker Customer Case Study: Christopher Imaging, Inc.

    Christopher Imaging, Inc. is a full-service photography lab for traditional and digital photographic imaging. A third-generation family business led by CEO Todd Christopher, the company employs 25, and consists of three business divisions including a wholesale and professional sales lab, a consumer mini-lab and a portrait studio. Christopher Imaging staff are proud of their reputation… Continue Reading »

  • How do cybercriminals profit from infecting websites with malware?

    A guest post by Caitlin Condon, StopBadware’s raconteur We at StopBadware see a lot of hacked websites. We also get a lot of questions from webmasters who want to know why bad actors make it a point to hack legitimate sites. The primary motivator of malware authors and distributors today is simple: money. The more… Continue Reading »

  • They Got Hacked? Sites You Never Knew Got Hacked

    Let’s take a trip back to 1992, when the hacking thriller “Sneakers” dropped in theaters. If you’ll recall, a team led by Martin Brice obtained a box capable of breaking any encryption code. This meant that they could, if they so desired, hack into any government system in the world. Unfortunately (or fortunately, depending on… Continue Reading »

  • The Biggest Data Breaches of All Time

    When you hear the term “data breach,” what comes to mind? Probably recent events like  the credit card problems at Global Payments or PlayStation’s breach of end user accounts. And while these are certainly nothing to scoff at, they certainly weren’t as bad as they could have been. With that in mind, let’s take a… Continue Reading »

  • Best Ways to Tell if Your Site is Not Secure

    If you own a web site, odds are malicious hackers will take notice. Whether their aim is to inject  your site with malware to pass along to your visitors, flood your web pages with spam links, bring your site down via a denial of service attack, deface your web site or steal confidential information if it has a URL… Continue Reading »

  • Website Malware You Should be Aware Of – The Top 10

    It used to be that malware was spread through sharing floppy disks. The threat eventually moved on to USB drive, email and file sharing downloads. Nowadays, the threats are so advanced that simply visiting a web site that contains malicious code can cause your computer to be infected. Below, you will see a few examples… Continue Reading »

  • Update now – WordPress releases Security Update 3.3.2

    It’s time to update your WordPress installs. WordPress released an update to WordPress 3.3.2 addressing some serious bug fixes. These update was released by the WordPress core security team on Friday, 20th April. The WordPress 3.3.2 update includes security updates of three external libraries included in WordPress: Plupload (version 1.5.4), which WordPress uses for uploading media. SWFUpload, which WordPress… Continue Reading »

  • Ten Scariest Hacking Statistics

    We hear about cyber crime and malicious hacking all the time in the news but have you ever stopped to wonder just who it affects? After all, unless we are aware (the key word being aware) that we were directly touched by cyber crime we may never know just how much of a problem it… Continue Reading »

  • How StopTheHacker Works to Help Prevent Attacks on Websites

    Current research shows that over 85% of all malware comes from the web. This number is so high because it is estimated, by the same report, that more than 30,000 websites are infected with some sort of malware every day. And this number is not limited to malicious sites set up by cybercriminals, a majority of these sites are… Continue Reading »

  • Website Security: What do I need to know? What do I need to do? – Part 2

    This is the second part of our blog article about the emerging security issues for and threats to websites as well as some of the options to address them. To read the first part of our article click: Website Security: What do I need to know? What do I need to do? – Part 1 In… Continue Reading »

  • Startup Security Checklist: Things You Should Do Before Launching Your Site

    There was a time when attackers concentrated their efforts on large corporate web sites. Smaller businesses usually did not tend to the security of their web site as much because there wasn’t enough notoriety in bringing down a small mom and pop site. But now things have changed. Any site on the web has become a target for… Continue Reading »

  • Website Security: What do I need to know? What do I need to do? – Part 1

    This article describes some of the emerging security issues for and threats to websites as well as some of the options to address them. The information is first in a series of articles that will discuss how to make a website more secure. This target audience is owners and managers of websites. The contents reflect… Continue Reading »

  • The 5 Most Infamous Hackers of All Time

    We all know that the term hacker is synonymous with computer enthusiast. However there are hackers out there who use their skills in less than legitimate ways. This list shows five of the most well known black hat hackers of all time. Kevin Mitnick At age 12 Mitnick used his social engineering skills to ride Los… Continue Reading »

  • How to set up Automatic Malware Cleanup for your site

    Visit “panel.stopthehacker.com” in your web browser. If you don’t have an StopTheHacker account you can sign-up for one of our four editions easily. When logged in to the panel you will see your dashboard.  Here you will see a number of notifications in the top area of the dashboard, as sown below. Click on “Setup… Continue Reading »

  • How to Deal with the Latest WordPress Outbreak?

    Malicious hackers are finding new ways to compromise legitimate, benign websites with web malware. The goal of this post is to highlight a long running saga of a specific kind of malware injection, which we’re calling the “rr.nu/mm.php” variety. This specific variety of malware has very poor detection rates when Anti Virus programs are used… Continue Reading »

  • What is Malware? And How is Web-Malware Different?

    The word malware has been used often in recent times. However, what does malware actually mean? There is a lot of confusion among Internet users and others about what malware really is and what a piece of computer software branded as malware really does? In this short article, we will explain what malware is and… Continue Reading »

  • Host Europe Group Launches StopTheHacker’s SaaS Website Protection Suite in Europe

    SAN FRANCISCO, CA – February 22, 2012 – Host Europe Group – the largest privately owned hosting group in Europe – has today announced that it has partnered with website security services provider –  StopTheHacker –  to offer its SaaS website security services throughout  Europe. Host Europe Group will roll out StopTheHacker’s comprehensive suite of… Continue Reading »

  • Experts Explain: WordPress Security

    This is the sixth part in our series of posts here at StopTheHacker where we describe the various methods that malicious hackers use to infect benign and legitimate websites with web-malware. In this article we will talk about WordPress security. WordPress is arguably the most popular content management system (CMS) on the Internet today. Malicious… Continue Reading »

  • Experts Explain: .htaccess Attacks

    This is the fifth part in our series of posts here at StopTheHacker where we describe the various methods that malicious hackers use to infect benign and legitimate websites with web-malware. In this article we will talk about a very popular attack method used to infect legitimate websites: .htaccess redirection. This technique is used by… Continue Reading »

  • StopTheHacker Announces Funding Round

    SaaS Website Security Startup StopTheHacker Launches Commercial Services Based on Initial Funding Round Investment Fuels Ongoing Development and Sales Push for Emerging Internet Security Player SAN FRANCISCO, CA – February 13, 2012 – SaaS website security services provider StopTheHacker has received $1.1M in initial funding from public and private investors including Runa Capital, an early-stage… Continue Reading »

  • Experts Explain: Hidden Backdoors

    This is the fourth part in a series of posts here at StopTheHacker where we describe the various methods that malicious hackers use to infect benign and legitimate websites with web-malware. In this article we will discuss one of the most common attack methods used to infect benign websites: Hidden backdoor shells. This particular compromise… Continue Reading »

  • Experts Explain: FTP Account Compromise

    This is the third part in a series of posts here at StopTheHacker where we describe the various methods that malicious hackers use to infect benign and legitimate websites with web-malware. In this article, we will describe one of the most common reasons why benign websites are hacked and then are infected with malware: FTP… Continue Reading »

  • Experts Explain: Cross Site Scripting

    This is the second part in a series of posts here at StopTheHacker where we describe the various methods that malicious hackers use to infect benign and legitimate websites with web-malware. This time, we will discuss one of the most prolific techniques used to compromise millions of websites: Cross Site Scripting. Cross Site Scripting attacks… Continue Reading »

  • Experts Explain: SQL Injection

    Website security is an arms race. Malicious hackers modify their methods constantly to infect benign and legitimate websites with web-malware. One of the most common techniques used to compromise millions of websites is called SQL Injection. SQL injection attacks have been making headlines increasingly in the past few months. This highlights the sorry state of… Continue Reading »

  • Chickenkiller Infections

    Malicious hackers are continuously evolving the strategies they use to infect thousands of innocent and benign websites with malicious computer code, i.e. web malware. Web malware is a relatively recent phenomenon and is quite different from the “standard” viruses and trojans that are known to infect PCs and servers. How do I identify the malicious… Continue Reading »

  • RokBox.js Infections

    Today’s websites make use of many third party plugins to add new functionality with the least amount of effort. The inclusion of these third party plugins brings significant additional risk, namely the introduction of vulnerabilities to one’s website through vulnerabilities in the plugin itself. A prime example of this is the Timthumb malware outbreak that… Continue Reading »

  • DragosImport, Domboware Attacks

    In the recent weeks, two websites have been used increasingly to mount attacks on unsuspecting visitors of legitimate, benign, sites compromised by malicious hackers. We will discuss the details of these distribution sites in our post. Is my site infected? First, to determine if your site has been compromised by the infections mentioned here, search… Continue Reading »

  • Willysy Injection Attacks

    Code injection attacks are now affecting millions of websites on the Internet. It is no longer an option to leave your website unprotected. We will be discussing the major outbreak of the “willysy.com” injection attacks in this article that at one time affected more than 100,000 websites. What is the Willysy attack? This particular code… Continue Reading »

  • Redirection Attacks

    Malicious hackers are continuously changing the tactics they use to compromise websites. Over 6,600 new websites are hacked and blacklisted every day and begin distributing malware to potential customers and visitors, destroying their owner’s online reputation. One of the primary mechanisms used to infect visitors to a website is insertion of malicious code into a… Continue Reading »

  • Google Groups Hacked?

    As of November 21, 2011, a large number of posts on Google groups seem to have been replicated to some adult chat rooms on Google Groups. This seems to be an attempt to game the search engine algorithm that Google uses and gain high search rankings for adult, spammy and potentially malicious websites. We have… Continue Reading »

  • Simple Machines Malware

    Simple Machines is a forum software used by thousands of website owners around the world to build online communities into their websites. Unfortunately, it is a perfect target for malicious hackers too. Finding a way to compromise the Simple Machines installation to inject malware into a legitimate website thereby infecting its visitors is an attractive… Continue Reading »

  • nl.ai p,a,c,k,e,d Malware

    Malicious hackers are continuing to find new ways to infect benign websites. A recent spate of attacks on WordPress powered sites proves this more strongly than ever. One popular method for infecting WordPress powered websites is to infect a file called “wp-settings.php”. The malware is then spread from this file to all subsequent requests for… Continue Reading »

  • osCommerce Attacks

    Malicious hackers are always looking to exploit software used by website owners to power their websites. One popular type of application that malicious hackers target is shopping carts, like osCommerce. This allows them to compromise a large number of websites using the software, infecting the visitors to these sites with malware. We have described how… Continue Reading »

  • Conflg.php Hack

    One of the latest attacks we are tracking on the Internet has already infected about 250 websites at the time time of our post. This number is growing rapidly. We will be posting more details regarding the Conflg.php Hack and the reason it is infecting benign websites in our forthcoming posts. What is the purpose… Continue Reading »

  • Domain Chaining Attacks

    Malicious hackers are constantly changing tactics in order to evade detection. One of the relatively new mechanisms that has been used to infect thousands of websites on the Internet is known as Domain Chaining. Domain Chaining is the act of using multiple malware infected domains to form a network that distributes exploit code to benign,… Continue Reading »

  • Blogutils.net Tumblr Hack

    A recent spate of hacking incidents has led to the compromise of the popular website blogutils.net. Blogutils.net provides website utilities like visit counters that can be embedded on websites built using popular software. Many websites, including some accounts created on tumblr.com have been recently blacklisted by Google. The primary reason for this is the compromise… Continue Reading »

  • TimThumb Malware

    The ability to integrate useful third party plugins into a CMS like WordPress provides website owners the ability to add new functionality to existing websites. Unfortunately, this feature comes at a price. Third party plugins often have security vulnerabilities that allow malicious hackers to break into websites and use them to distribute malware. We take… Continue Reading »

  • IFRAME-based Web-Malware

    The IFRAME element, part of the HTML specification, continues to be a favorite attack vector for malicious hackers. Loading malicious payload by means of an IFRAME is an extremely easy and effective. Attackers infect and compromise websites and use them to infect other websites by loading malware from external locations, like other hacked sites. Think… Continue Reading »

  • It’s LizaMoon All Over Again

    The state of website security has been steadily improving over the last few months. Website owners and administrators are beginning to wake up to the fact that malicious hackers can use legitimate, benign, websites to spread malware on the Internet. However, there is along way to go. Just recently we have seen a spike in… Continue Reading »

  • Google Acknowledges Challenges in Detecting Web-Malware

    Google announced today that the fight to detect web-based malware is far from over. The problem is growing and changing every day. Websites must be protected to prevent the spread of web-based malware. From the Article Google issued a new study on Wednesday detailing how it is becoming more difficult to identify malicious websites and… Continue Reading »

  • We’re at HostingCon!

    StopTheHacker is at HostingCon 2011 in beautiful, sunny yet cool, San Diego! Come visit us at booth #623. If you’re at HostingCon, whether you are a customer or you would like to learn about our services, affiliate program, or how to partner, come by and say hi! We’re also giving away fee stuff including a… Continue Reading »

  • Scheduled Maintenance

    Our service provider will be conducting scheduled database maintenance tomorrow, Wednesday, August 3rd, at approximately 6:00 AM PT. The upgrade will take approximately 30 minutes. This maintenance will improve performance of our websites. During this maintenance, some webpages at StopTheHacker.com may be unreachable or be served slower than usual. Logins to the customer panel and… Continue Reading »

  • Free Facebook Safety App

    Building on our efforts to identify malware and spam on social networks like Facebook, we are very happy to announce the release of our Facebook safety app, MyPageKeeper, in collaboration with researchers from the University of California, Riverside (Press Release). For more information about MyPageKeeper, visit the Facebook app page. Why should you use MyPageKeeper?… Continue Reading »

  • Koobface Malware Detection

    Malware authors are constantly coming up with new ways to compromise web sites. Now malicious hackers have started to focus on the weakest link in the security chain, web sites, breaking in and then using them to distribute dangerous viruses. This spreads malware on PCs which are then used to form bot networks of compromised… Continue Reading »

  • BlackHole Toolkit: Malware Running Wild

    Malicious hackers are infecting websites in droves using new kinds of malware. Websites are the newest malware battleground. Benign websites are being compromised and infected by hackers in order to infect their visitors. In the vast majority of cases, the affected website owners are completely oblivious to the fact that a malicious hacker has used… Continue Reading »

  • Apache Used to Inject Malware

    Malware authors are constantly coming up with new ways to compromise web sites. Now the weakest link in the security chain, malicious hackers have started to focus on web sites, breaking in and then using them to distribute dangerous viruses. This spreads malware on PCs which are then used to form bot networks of compromised… Continue Reading »

  • Malware Faking Google (g-oogl-e.com)

    Malicious hackers are compromising websites in droves. Over 6,600 websites are hacked everyday and begin distributing malware to potential customers and visitors, destroying their owner’s online reputation. In the vast majority of cases, affected website owners are completely oblivious to the fact that a malicious hacker has used their website to infect their visitors. In… Continue Reading »

  • Web-Malware Spoofing Images (imgaaa.net)

    The incidence of web-malware is on the rise, thousands of websites are infected every day as webmasters and business owners grapple with this new hydra of the Internet. Traditional Anti-Virus software is completely helpless when it comes to detecting these new and evolving pieces of malware which are being used to infect websites by malicious… Continue Reading »