The infamous bot network Asprox has been dormant for a couple for months now, but recently it started waking up again. The botnet is currently searching for vulnerable servers and websites to infect and the reason is to infect the visitors computers with harmful code. In May/June this botnet was able to infect more than 1,000 sites, and it could be as bad this time.

What will happen if your site, blog or server gets infected?

Evil code will be inserted in your pages and every visitor you get to your site will get infected by some kind of trojan. Exactly which trojan and how the infection is done varies a little bit from time to time, but it's basically an iframe or javascript code somewhere inside your own HTML code.

If Google and other security companies gets enough complaints that your site is spreading viruses or trojans they will blacklist your site. This means that most people will see a big warning sign instead of your site. They will also be recommended not to visit your site since you're a security risk.

If you don't stop spreading viruses and trojans your hosting company could close your account because you're a security risk and you could harm your web hosting company's reputation.

If you get your site infected this not only will cause you to lose a lot of credibility, but you will also lose revenue since most people will not be able to access your site at all. Also who wants to buy something (and hand over for example credit card numbers) to someone that can't secure their web site?

So, what should you do to avoid this?

Make sure all your software is up-to-date. Upgrade all your Wordpress, phpBB, vBulletin etc installations (especially if they use SQL as database since these botnets tend to focus on that).

Make daily backups of your site on a secure location (not on the same server as you have your site), so that you can switch back to a clean copy of your site just in case the unwanted happens.

Check your site daily for suspicious code, so you can correct any problems before your site is blacklisted. Look for Javascript and iframe code you don't recognise, especially if the domain name used in the code is funny looking or if the Javascript code is completely encrypted and unreadable.

You may also be interested in...
More SQL injections
Business Start-Ups On The Increase
Whats More Important, Site Traffic Or Site Income?

This entry was posted on Monday, October 5th, 2009 at 7:59 pm and is filed under Antivirus & Security, The World According to Xavier. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.