A great thread over at WebmasterWorld forums lists most common hacker attacks types, their footprints and features.
These attacks can cause damage to the presentation of your site, the users who visit your site, and also leave a negative taste on your search engine rankings.
I’ve figured the discussion is worth attention and organized it into a short table also adding:
- some tools that can help to detect the attack;
- links to related articles and discussions.
| Type | Features | Aims | Tools to detect the attack |
| Malware distribution | Common footprint: an iframe that doesn’t belong in your code - especially one with a lot of hex coding. | Uses your site to distribute malware | Google; Google Webmaster tools; Google Safe Browsing Blacklists (SerpGuard) |
| Defacement Hacks | "Old school" | "Online graffiti", no financial value | None, it can be visible by everyone |
| Robots.txt Hacks | Block Googlebot or other crawlers from your site. | Malicious delight, competitive disruption | Google Webmaster tools Robots.txt inspection |
| Parasite Hosting | Place a link back to another site | Site promotion | Xenu LinkSleuth ; Google Alerts |
| Cloaked Hacks | Cloak parasite content so that only Googlebot sees it. | Google referral traffic stealing | A user-agent spoofer |
| Cloaked Redirects - .htaccess hacks | Make it look like the pages of a website moved to a new domain name. In this case, search engines will more or less pass the “value” of a page on to the new URL. | PageRank stealing | Google URL: advanced operator (check if the URL is indexed); a user-agent spoofer |
| Complex Cloaking - using IP and cookies | Cloak parasite content by user-agent and IP address. | Traffic stealing | Browse your site with cookies turned off; study your server logs |
| DNS Troubles | Set up a website that looks enough like the original; hijack the original domain via cache poisoning for as many ISPs/companies as possible, causing their traffic to hit the phony site instead. | Traffic stealing | Check your DNS settings and fix any warnings you get; run a DNS report. |
| Adsense Code hack | Replace your AdSense or affiliate IDs. |
Adsense or affiliate income stealing. | Check your Google account stats |
Comments
7 responses so far ↓
Nick Stamoulis on Dec 19, 2008 at 11:29 am
All of these situations are so horrible to deal with. It requires so much investigation once you have become infected.
Janos on Dec 19, 2008 at 2:05 pm
Congrats Ann - this was great again… Janos
Small Business Marketing on Dec 20, 2008 at 4:33 am
I particularly liked the tabular presentation. Made it easier to assimilate.
Thanks
Seomastero Seo Service on Dec 20, 2008 at 5:31 am
Wow, Thanks for you head up me. Very usefull for me. keep it up Ann.
web developers tipperary ireland on Dec 21, 2008 at 2:23 pm
a decent firewall keeps most wannabe intruders out
P Moore on Dec 21, 2008 at 7:22 pm
Its sad we need to worry about this kind of thing. It takes away a little more time that we can be using to add value to our readers!
Richard Vanderhurst on May 18, 2009 at 8:38 pm
Thanks Ann for sharing this.. I’ve been studying the common Hacker Attacks for almost a year now and your post really tells it all. Thank you so much!
Leave a Comment