visitor tracker malware

In last month stackbuddy Website infected by Visitor tracker Malware WordPress, first of all i would like to share the some information that what is malware and how they will infected our website.

How to know website is infected by malware attack

As per the research this type of malware attack had already infected 35% of wordpress website within 20 days.The malicious code started very simple. It would modify the headers and footers of the site and add a javascript to redirect visitors to a Nuclear Exploit Kit landing page. These landing pages tried a wide range of available browser exploits to infect the computers of unsuspecting visitors.

This malware campaign adds the following code to all javascript files on the site:

visitortracker_malwar

Which interacts with a secondary backdoor inside the site to force the browser to load a malicious iframe from one of their Nuclear Exploit Kit landing pages. The current landing page is pointing to vovagandon.tk (193.169.244.159), but that domain changes very often.

They named this malware campaign “VisitorTracker“, because of the function name used in all injected javascript files: visitorTracker_isMob(). So Visitor tracker Malware Infecting WordPress Sites rapidly.

How to overcome with this attack :

Now the biggest question is how to overcome with this type of malware attack without affecting seo and visitor ratio. I am going to share what we did when stackbuddy is infected by this malware.

Update all plugins :

Update your plugin and wordpress core files first, It might be possible that this malware was come from the any plugin and other source.

Database Backup :

Then take the latest backup of your database because this type of attack is not generally infected the database schema. So you can take the db backup without any issues.

Files and Folder backup :

Then after completing database backup you need to take backup of your all the files. Please ignore the .js file.

Fresh installation of WordPress :

Remove the all files and install the fresh wordpress in your hosting. You can point the same database so you will get everything working.

I found the majority of the infection was loaded in the wp-content/uploads directory.

How to know website is infected by malware attack

If you want to check that your website is infected by this malware or not, you can do it by sucuri scanner.

Sucuri-SiteCheck-Free-Website-Malware-Scanner

Share your feedback and suggestion by commenting.




Kalpesh Sharma
StackBuddy from Kalpesh Sharma aims to help out bloggers & developer to become successful online. Stackbuddy is focus on several things like blogging tips, search engine optimization tips, make money online tips , SEO tips, job updates , programing tips and internet marketing tips for your online success.
Website infected by Visitor tracker Malware WordPress was last modified: October 26th, 2015 by Kalpesh Sharma
Join StackBuddy Newsletter

Join StackBuddy Newsletter

Get Free Weekly Updates Via Email About Blogging Tips, SEO , Affiliate Marketing, Make Money Online & News from Stackbuddy.

You have Successfully Subscribed!

Leave a Reply

Your email address will not be published. Required fields are marked *

Join The StackBuddy Club !

Join The StackBuddy Club !

Enter your email address to subscribe to this blog & receive notifications of new posts by email

You have Successfully Subscribed!

Share This

Share this post with your friends!