If your site has been infected, it is generally because some vulnerability has allowed a hacker to take control of your site. The hacker may change the content of the site (for example, to add spam), or add additional pages to the site, usually with the intent of phishing (tricking users into parting with personal and credit card information). Alternatively, they may inject malicious code (malware)—for example, scripts or iFrames that pull content from another website that tries to attack any computer that views the page.
The term “malware” covers all sorts of malicious software designed to harm a computer or network. Kinds of malware include (but are not limited to) viruses, worms, spyware, and Trojan horses. Once a site or computer has been compromised, it can be used to host malicious content such as phishing sites (sites designed to trick users into parting with personal and credit card information). Some hackers may even take administrative control over a hacked site.
If your site is listed as badware by Google or another StopBadware data provider, follow the steps below.
Clean & secure your website
Your website could have badware, even if you don’t know it!
Check your site
After cleaning your site, scan it with following free tool to make sure you haven’t missed anything.
1. Google Diagnostics
2. Unmask Parasites
3. Rex Swain’s HTTP Viewer
See exactly what an HTTP request returns to your browser
4. Sucuri SiteCheck
Fully free and open, check multiple pages for malware, spam, and defacement.
soswebscan is free online website scanner to identify iframe badware
Request a review
You’ve scanned your site, and everything looks clean. It’s time to request a review.
If Google is the only data provider listing your site:
You can request an automated review through Google’s Webmaster Tools. This is the fastest way to get your site removed from Google’s list.
To request a review through StopBadware, find your site in our Badware Website Clearinghouse. Then, click “Request an independent review of data providers’ findings.” Fill out and submit the form.
About malware and hacked sites (from Google help)
- If your site is infected: How to clean up a hacked site.
- Preventing malware infection: Best practices for avoiding infection in the future
- Requesting a malware review: Once you’re sure that all spam and malicious code has been removed, you can ask Google to review it. Google will check your site and, if it’s now clean, will remove any warning label that appears in your site’s listing on the search results page.