About website infection with viruses in simple terms: what to do, how to remove, how to protect yourself from viruses in

mdabuhasan · Post by **mdabuhasan** » Tue Apr 22, 2025 3:50 am

This article is not written for developers, but for website owners. In simple terms, we will tell you what a person who does not understand anything about web programming can do with a virus-infected website.

How does a website get infected with viruses?
1The most common reason for a website to become infected is phone number library the owner's carelessness. People often save passwords for the website's admin panel in the browser. And if their computer is infected, the malware steals the password from the browser and sends it to the attacker. The attacker logs into your website's admin panel and injects viruses into the code, which instantly infect all files. This usually happens automatically, with the help of special bots. That is, the attacker has programs that infect thousands of websites on autopilot, 24 hours a day.

2The second most common reason is clumsy developers. They can compromise the site while uploading it to the server (i.e. passwords for the site can be stolen from their computer).

For example, developers' passwords are often stolen from their FTP managers - programs with which a site is hosted on a server.
The result will be the same as in the previous paragraph.
Or, as an option, the developer can install some “leaky” application on the site, which opens the “gate” to the server for viruses.

3Another reason is a poor quality content management system (CMS). Vulnerabilities in the content management system can allow attackers to infect the site with viruses, steal your data, or even steal the site itself. Vulnerabilities are sometimes found even in very well-known and respected engines. What can we say about home-made, unknown CMS.

4A bad hosting provider with poor-quality software on their servers. This is quite rare these days, but it is possible. If a hosting provider allows a vulnerability on their servers, it can lead to infection of the websites located there.

Who infects websites with viruses and why?
We will not consider cases of hacking some large portals or social networks. Let's talk about ordinary sites belonging to beauty salons, legal companies, construction firms and the like. Who needs to infect them?

Most often, owners of small sites blame their competitors - they say that they decided to spite them and infected their site. But in 99.99% of cases, this is not true. It is too difficult and expensive to order the hacking of one specific site. Sites are infected by the thousands at a time and this is done by people who earn money by distributing viruses, advertising, and posting links.

Read also
About guarantees for websites - the whole truthThe whole truth about website guarantees
We tell you in detail about what kinds of guarantees there are for websites, when they are valid, and what to do if the developer does not want to fulfill their obligations

That is, in short, it might look something like this. There is a person who has gained hidden access to thousands of infected computers (he could have bought this network from another hacker, or created it himself using various tricks). Then passwords and logins for access to web resource control panels are stolen from the infected computers. This data is transferred to a special program that massively hacks all the sites for which it has the passwords. There could be hundreds, thousands, tens of thousands of them. Malicious code is downloaded to the sites and modifies the files. Now the hacker has a huge network of hacked sites that are completely under his control (until the owners notice and remove the viruses). And then:

He can place some virus on hacked sites that will infect visitors' computers.
Or a virus that will steal money from cards, block phones and computers
Or, which happens very often, the virus will steal accounts on social networks (you've probably had cases when some friend you haven't talked to for ten years writes to you on a social network and asks to borrow money, and then it turns out that he was hacked - this is exactly the case).
Or a hacker can place ads for some nonsense on infected sites and get money for it.
Or he can advertise his sites by placing links in a network of infected resources.
Or he can sell this network of infected sites to another hacker who is too lazy to hack sites himself, but needs the network.
There are still a lot of other options. If there was a network of infected sites, and how to use it - you can always think of it.