[WEB SECURITY] WebSite Malware and Samples

Gautam gautam.edu at gmail.com
Sat Jun 15 19:31:32 EDT 2013


I am looking for some assistance, tips and guidance on the Website Malware.
Recently i have seen many of my friends who had a website were infected by
some malware which got illegal content on the site.

Most of them were either Wordpress or Joomla.

I see this in two ways :

1. Possibly their admin credentials for ftp, sftp, or admin to these
applications were compromised. This is possibly due to some malware or
stuff on the system they use to mange these sites

2. Second possibility is that there were knows/unknown security bugs in the
web that were exploited.

I want to understand what are the other possibilities and what are the
general rules that one should follow for securing the sites after
infection. Any pointers from your own blog, paper or tips from your own
experience would be helpful.



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20130616/d8273689/attachment-0003.html>

More information about the websecurity mailing list