Spyros is a street photographer from Greece who runs StreetHunters.net. He also owns a webdesign agency and takes security very seriously. Although he routinely updates his website and uses a WordPress security plugin, Spyros found himself dealing with a complex infection that left his website blacklisted by Google.
After our analysts reversed all malicious changes, Spyros activated our Website Firewall. When we caught up with him a few weeks later, he told us about the experience of being hacked, and how Sucuri came to the rescue. He also indicated that he’d been studying his new Sucuri Firewall Dashboard
“I saw the firewall was really working well!
In December 2014, SoakSoak was a massive malware campaign affecting over a hundred thousand WordPress websites, most of which were using an outdated and vulnerable plugin. In some cases, the plugin had been integrated as part of a theme not yet patched by the theme developer.
I got an email from one of my readers saying that our site had been reported for malware…
I fired up Chrome and got the red screen. I felt like I’d had a heart attack, you know? That my readers would lose credibility in the brand immediately, and would think that we don’t take security seriously or take them seriously.
Spyros published a post telling his readers what happened:
“We take security very seriously at Streethunters.net and we do not leave things to chance. Our website had all the latest security patches installed when the attack took place and is also backed by a highly respected security suite since it first launched keeping our data and you safe from almost all possible attacks. ”
Spyros is a savvy webmaster who knows his website. He and his developers investigated, responded, and felt confident that the malware had been successfully removed. The blacklist had been seemingly cleared and Spyros slept soundly that night.
But here in Greece we have a saying. “Your luck works even when you are sleeping” which means that the world keeps on moving, sometimes to your disadvantage, even when you are asleep
By morning Spyros found the situation had worsened. His website had been freshly blacklisted by Google with over 50% of his files injected with malware. The SoakSoak malware campaign had continued to evolve. Without a way to virtually patch and prevent infections, and with the theme still unsecured, the website remained vulnerable.
Sucuri had been recommended in the comment section of a Gizmodo article, leading Spyros to sign up for malware detection and cleanup with our Sucuri AntiVirus. He saw the response time was immediate and started to relax. Then our analysts sent him a full report of everything that was cleaned, along with recommended actions to stay secure. Our team also submitted his blacklist review requests. Spyros, seeing that his files and the blacklist were cleared, decided to partner with Sucuri for complete website protection to offer the highest level of security for him, his readers, and his clients.
After this incident, we decided that we mustn’t just be serious about our security. We must be paranoid!!! There is just no other way to be safe. So with clean files to work on, we purchased a bundle of monitoring and security options from our new security partner, Sucuri. To put your mind at ease, we guarantee our security and to show it we have now placed a badge on our pages to let you know that we do not take these things lightly. So, feel free to safely surf the pages of our website once again!
Quoted from Malware threat eradicated. Battle won!
When asked how he feels now with the Sucuri Website Firewall in place, Spyros responded:
I feel great. I feel like a weight has been lifted off my shoulders. We have been victims of hack attacks in the past and had always taken care of them on our own.... You know how the web was about ten years ago when one guy could do everything? Well, it’s not like that anymore I’m afraid. So, yeah, we need someone who specializes in this. I told my guys at work that I used [Sucuri] for StreetHunters, and they’re all psyched. My business partner said maybe we could have a discussion about a larger partnership.
Web developers and designers like Spyros need to take ownership of website security. The good news is that you don’t have to do it alone. The threats across cyberspace are becoming more and more sophisticated, and hackers use websites of all sizes to deliver malware and spam. They take advantage of your resources, slow or stop traffic to your site, and worst of all, violate all of the creativity and hard work that make your business thrive. Stay focused on that hard work. As Spyros says, “It’s not our core business, security. We just design websites.” At Sucuri, our core business is one thing: providing you and your clients with the most complete website security possible.