This article brings together answers to the questions about hacking we at
Google hear most often.
Why did my site get hacked?
Hackers have different motives for compromising a website. Examples include:
- Financial gain through web spam:
Placing spam links on your website or
redirecting your website's traffic to other sites.
- Stealing sensitive information:
Copying files containing customer
data like credit card numbers, personally identifiable information, or
login credentials.
- Communicating a political or social message:
Defacing a website as a
form of
hacktivism
, to emphasize a point of view and cause change.
- Malware:
Injecting malicious code through scripts or iFrames that pull
content from another website that tries to attack any computer that views
the page.
- Thrill-seeking or vandalism:
For no particular reason other than the
thrill of invading and vandalizing your site.
How do I know I've been hacked?
Examples of common signs that your website has been attacked include the
following:
- Unusual traffic spikes, especially from unrelated search terms.
- Visitors reporting malware.
- Newly created accounts with administrator privileges.
- Suspicious new pages added to your site.
How did I get hacked?
There are many possibilities, including the following:
- Software vulnerabilities.
- Leaked or guessed passwords.
- Unauthenticated administrator pages.
- Unsanitized database queries.
- Unnecessary open ports.
- Exploiting a human weaknesses through social engineering like phishing or
impersonation of a trusted authority.
Eliminating or mitigating these vulnerabilities is extremely important.
Where can I go if I have additional questions?
The
Google Search Central Help Community
has an active group of Googlers and technical contributors that can help you
with additional feedback. Also, most major Content Management System (CMS)
providers have detailed documentation on how to resolve hacked cases. You can
also seek help from a trusted security professional.
How can I reproduce the warnings displayed to the users of my site?
Safe Browsing displays warnings based on the user's browsing context. As a site
owner, you might not be able to reproduce the warnings in your own browsing.
The Search Console
Security Issues report
will tell you whether the issues Safe Browsing has seen with your website have
been addressed.