To detect flaws, fix corrupted files, and secure the website.

What happened?

Hacktivism endangers not only individuals whose private information is being misused but also local government agencies or even platforms enabling young people to present their social opinions. Waking up into a seemingly pleasant morning, finding out your website is out of order must be an ultimate nightmare. The founders of sebavedome.sk have unfortunately experienced this. They contacted us and humbly asked for urgent help. Their website was not functioning, and the problem was more critical than we initially thought. Handling hacker attacks is a matter of minutes, and so our team was immediately figuring out what the problem was. However, it was quickly apparent that it was a hacker attack. Clandestine group hacking websites just for fun or to ditch political information has, fortunately, opponents who help attacked sides.

Who needs a gun when you have a computer? It is easy to cause harm virtually from anywhere in the world. However, even though it is impossible to identify the people responsible, we can say they must be experts. Proper research was needed for a better understanding of a particular problem.

Problem analysis and solution

After a detailed examination, we tried fixing all the corrupted files and even the database. The sad truth of life is that breaking a vase takes just a second, but putting it back together could last long hours. A similar concern appears to be true of corrupted files. It would be easier to write a program, which replaces pieces of an image with black rectangles than the one which would replace dark holes with something meaningful. It might be complicated, but we never run away from a critical problem. No matter how long it takes, we believe that there is a suitable solution to every problem. This case was not any different, and after our intervention, the corrupted files, database, and theme saw the light of the day once again.

As soon as everything was repaired, it was just the right time for the website to get back into shape. We reinstalled and reconfigured all of the plugins, and the website seemed to be going the right way. However, the site still lacked the images. It is always a good idea to back up the data in case they are lost or become inaccessible. We spent some time finding out where the images were and attaching them to the media library. As a final step, we added pictures back to the posts, but the site was still not ready.

We had to take a look at malware, a program designed to cause damage or do any unwanted actions. It is unfortunate that there are developers with vicious intents, but it is good to be aware of that. Malicious software comes in many formats, and it is good to know which type you are coping with. We spend hours doing research about specific malware and investigating it. Clearly, in order to win, you need to know your enemy.

Our rival was fiercer than we expected. After the analysis, we found out that the malware we were dealing with was a certain type of worm. Worms have been there even longer than the viruses, and their distinctive trait is self-replicating. They typically contain payloads that cause the damage. Payloads are pieces of code written to perform harmful actions despite just replicating itself. In order to get rid of the worm completely, one needs to delete every slight bit of it. Otherwise, it duplicates itself, and you will return to the beginning. Worms can cause almost any type of damage, including corruption of files or stealing data.

Website security

As soon as we got rid of all the pieces of malware, we thoroughly discussed the ways in which we could improve the security of the website. It was crucial for us to do everything to prevent further attacks. Foremost, we looked at the most significant thing many of us still leave behind – passwords. It is tempting to go with something easy to remember, but in order to secure the website, it has to be complex and challenging to crack. Passwords are like protecting walls that stand between you and the hacker, and the stronger they are, the harder it is to crush them.

Once we set the passwords, we moved to the vulnerable assets of the website. Although plugins and extensions might enhance the visitor experience, they also open the door to potential hazards. When plugins are outdated, they become exposed to attacks. Other than fixing bugs and glitches, updates might also patch security holes. We reinstalled all the plugins to their most recent version and finally headed on to the permissions.

No one would allow others to enter their homes and do whatever they want. So why enable foreign people to access the site’s content and update it? In this case, what is not forbidden is allowed, and not setting appropriate permissions serves like an invitation for hackers to get what they need with no effort. To prevent such situations, adjusting permissions so that only authorized people could rewrite and access all the files followed.

We assigned various permissions to specific IP addresses. While unauthorized visitors from unknown IPs have just elementary read permissions, members of sebavedome.sk joined from selected addresses can do considerably more. Internet protocol addresses are, however, at risk of a hacker attack. To secure the IPs of our client, we used a virtual private network or VPN. It establishes a secure connection and traffics all data through an encrypted tunnel. Networks protected this way are very hard to hack and misuse.

Summary

It is necessary to act fast in the potential case of hacker attacks since the longer the wrongdoer has access to the site, the more damage he might cause. Not only our prompt reaction allowed sebavedome.sk to recover in almost no-time and continue educating the general public, but we also did our best to prevent their site from further attacks. When hackers start to use their guns, you can always rely on Revolware.

Want to learn more about sebavedome.sk?

---