Hacked Magento Store Cleanup
Your Magento store can be hacked due to compromised FTP credentials, an insecure web host, a vulnerable extension, a weak password, or an outdated Magento installation.. When a Magento store is hacked, the hack is used to insert malicious code that performs one or more harmful activities. Hacks can have a serious impact on the traffic that your store receives. A hack that distributes malware can cause the store to be blocked from visitors and a hack that inserts spam can cause the store's search rankings to drop or cause the store to be removed from Google's search engine. If your Magento store has been hacked we can clean it up for you, attempt to determine how the store got hacked, and help you to secure it against a future hack. Hiring us will ultimately save you time and money over doing it yourself or hiring someone who doesn't know what they really should be doing (which seems to be pretty common based on the number of times we are brought in to clean up after a hack has returned).
Please feel free to contact us to receive a free consultation on how to best deal with your hacking issue. If you are not sure if your store is hacked, we can perform a free check to confirm for you if your store is in fact hacked.
Some of the most prevalent activities preformed by the malicious code are gathering credit card information, inserting hidden spam links in the store's pages, creating spam pages, redirecting visitors to another website (check if a web page is redirecting when accessed from Google), and attempting to install malware on the computers of visitors to the store.
When the hack inserts hidden spam links or creates spam pages, your search rankings can drop significantly and Google may remove it from their search engine's index if they detect hidden text, cloaking (check if a web page is cloaked to Googlebot), or other violations of their quality guidelines. Google may also place a "This site may be compromised." warning on the store's search results. If Google has removed the store they will place a "Notice of Suspected Hacking" message in their Webmaster Tools indicating that this has been done. When the hack inserts code that attempts to infect the computers of visitors to the store with a virus, trojan horse, drive-by download, or other type of malware (malicious software), not only could your visitor's computers become infected but your store may also be blocked from visitors. The store may be flagged and blocked in the Internet Explorer ("This website has been reported as unsafe"), Firefox ("Reported Attack Site!"), Safari ("Warning: Visiting this site may harm your computer"), Chrome ("The Website Ahead Contains Malware!" or "Danger: Malware Ahead!"), and Opera ("Fraud Warning") web browsers. It may also be flagged and blocked in the Google ("This site may harm your computer.", "This site may harm your device."), Yahoo ("Warning: Hacking Risks"), and or Bing search engines as well as Google's AdWords advertising service and Twitter ("unsafe link"). The hacker can also place a backdoor script that allows them remote access to the store to make future changes to it.
The hacks can be hidden in a variety of places and might only be active when the store is visited in a particular way. The hacks may be located in Magento files, extensions, themes, or the database. The most common form of malware infection places an iframe or JavaScript code into the store's pages. When the code inserts hidden spam links, these links may only be in the page if the request comes from a crawler for a search engine. When the code redirects a visitor or attempts to infect a visitor's computer with malware, the attempt may only occur if a visitor comes to the store through Google or another search engine. When coming to the store directly, it will appear to be normal.
To clean up the store, we will review the store's files and database for code inserted during the hack and remove that code. Checking and cleaning the store's files takes a few hours. If the store is running on an old version of Magento, the current versions is 1.7.0.2 (check what version you are currently running), we will upgrade the store to the latest version of Magento following proper upgrade procedures. Also, if any extensions are out of date we will update them. We will also work with you to secure the store against a future hack. If your store has been hacked due to poor security at your web host we can move your website to a new host as part of the service. If your store has been removed from the Google search engine we will assist you in filing a reconsideration request. If your store was distributing malware and has been flagged and blocked, we will request a malware review from Google, Yahoo, and or Bing to have the warning removed. It should take no more than a day to be removed from Google's malware blacklist after a review has been requested.
Price:
US$250 for a website running Magento 1.4.x, 1.5.x, 1.6.x, or 1.7.x. US$350 if the website needs to be upgrade from Magento 1.1.x, 1.2.x, or 1.3.x. Payment is due after the store has been cleaned up and we accept payment by credit card, debit card, or eCheck through PayPal in a number of currencies.