Site being attacked? An attacker views your website as a juicy collection of resources they can use, generally to make money. People who attack WordPress sites are just criminals with technical skills, criminals who exploit any vulnerability that they can find. It’s connected to the internet and likely has a squeaky-clean reputation. It might include interesting user data like email addresses, usernames and passwords. While it might be modest, it has some traffic coming to it.
Phishing and Spam
Because your site has a clean reputation, when attackers host phishing pages on your site, services like Google Safe Browsing that would normally warn users about suspicious websites won’t know to alert visitors to the danger of the phishing page. Well, until the phishing pages are reported. Then, you may end up on a blacklist.
A popular approach is hosting spam pages and injecting spammy links. Your site is legitimate, so search engines like Google assume that your content, including outbound links, is also legitimate. Attackers love to plant SEO spam in the form of pages and links on your site, boosting SEO rankings for their malicious businesses. It’s important to remember that while your site alone isn’t capable of boosting an attacker’s SEO results, thousands of compromised sites can really move the needle.
In some cases, attackers will go so far as to redirect all of your traffic to malicious sites. But in most cases, they employ measures to avoid detection, only redirecting traffic to specific URLs or for specific browsers or device types or if the traffic is coming to the site from a search engine.
Defacements and Malware
In the case of defacements, the attacker just wants to get their message out. By taking over your website, they are able reach your website visitors, at least until you figure out what they’ve done. Attacks of this nature often represent a political movement or are just looking for “street cred” in the hacker community.
Another way attackers monetise hacked websites is to use them to spread malware. They install website malware that installs PC malware on your visitors’ computers or devices when they visit your site. As a site owner, this is scary, as not only do you risk having your site flagged as malicious by search engines and other blacklists, but your visitors potential customers are not going to be happy with you. Your reputation could be damaged for a long time. In addition, a hacked website can have a negative impact on your search engine rankings.
Regardless of the size of your website audience or the cost of your hosting plan, criminals will happily find a way to monetise it if they can break in. Luckily, Chkserv can help you with infected WordPress sites.