Friday, June 16, 2017
The Pharma Hack is a stealth attack that makes search engines to return results for pharmaceutical products. The hack is hard to detect because the illegitimate pharmaceutical listings are shown beside other legitimate search results.
This hack exploits weaknesses in WordPress and Joomla documents. Nevertheless, this kind of malware is so slick that it does not affect the page displays. The goal of this attack is to make these pharmaceutical sites rank better on Google.
That is because Google values the number and quality of external back links that a site enjoys. Obviously, this is just one of the many factors Google considers when ranking sites, but it is nonetheless an important one.
With this hack, the people behind the attack are able to put an illicit code on your site. To Google, this code makes it seem like you have a link to the site in question. Therefore, the site will end up getting a higher ranking on Google search results.
Obviously, depending on how extensive such an attack is, the hackers can raise their ranking considerably. In effect, this attack is an SEO tactic, except that it does not involve the webmasters of the sites being used to create the back links.
The 3 aspects of a pharma hack
The Pharma Hack is quite interesting, and here are three peculiar things about it.
1. It is very well executed
Unlike other attacks, the Pharma Hack is very well staged. As a matter of fact, viewing your site on a browser like your visitors do will not make it apparent that you have been hacked. Since the goal of this hack is to boost search engine rankings, the rogue code only needs to be seen by the search engines.
This clever tactic is meant to ensure that website owners are not made aware of the hack. That way, the hackers can continue to enjoy the SEO benefits of having back links to your site without you noticing. Obviously, the better ranking your site, the more appealing of a target it becomes to the perpetrators of these hacks.
2. It is hard to find and remove
Even if you somehow manage to know that you are the victim of the Pharma Hack, you will still have a very hard time finding it and getting rid of it. For one, most of its files are disguised, unlike with typical site hacks.
The order of strings in the code are reversed, which makes the malicious files harder to identify. The hackers also use the WordPress database to save the files, and that makes it harder for you to find and delete them using the cPanel.
3. The plugins folder has to be involved
The Pharma hack will need your plugins folder. That is where the malicious files are stored. From this folder, the illicit code is activated. Once activated, the code is able to ping Google and find out the number of back links to that page.
This information is used by the hacker to determine which sites to attack. Sites with more back links are more attractive to those making the attacks because getting such sites to link back to them will give them better search engine ranking.
What damage can your site suffer after the pharma hack?
Generally speaking, a hack is a bad thing, even when it is as unobtrusive as the Pharma attack. Hackers will always try to find ways to keep exploiting the free resources they can access after getting illegal access to your site. Since hackers have little concern for ethics, they can even use ransomware or even shut down your site to get what they want.
At times, they will go as far as sending spam emails and conduct DoS attacks on sites on your server using your website. Also, the malware used in such attacks can cause serious problems and might even cause the shared server you are using with other sites to fail.
The best way to deal with any malware attack is first to contact your host. Any reputable web hosting provider will have a 24-hour customer support via telephone or chat. Before buying hosting, it is wise to check their “contact us” page to see what contact methods they provide.
The Pharma hack is a huge deal regardless of how innocently it is executed. That is why it is worth finding out if you are a victim, which is very likely if you have a high-ranking website with powerful back link value.
What Is The Pharma Hack And Can It Affect A Webhosting Facility?
Image credit: suvaance