A great thread over at WebmasterWorld forums lists most common hacker attacks types, their footprints and features.
These attacks can cause damage to the presentation of your site, the users who visit your site, and also leave a negative taste on your search engine rankings.
I’ve figured the discussion is worth attention and organized it into a short table also adding:
- some tools that can help to detect the attack;
- links to related articles and discussions.
|Type||Features||Aims||Tools to detect the attack|
|Malware distribution||Common footprint: an iframe that doesn’t belong in your code – especially one with a lot of hex coding.||Uses your site to distribute malware||Google; Google Webmaster tools; Google Safe Browsing Blacklists (SerpGuard)|
|Defacement Hacks||"Old school"||"Online graffiti", no financial value||None, it can be visible by everyone|
|Robots.txt Hacks||Block Googlebot or other crawlers from your site.||Malicious delight, competitive disruption||Google Webmaster tools Robots.txt inspection|
|Parasite Hosting||Place a link back to another site||Site promotion||Xenu LinkSleuth ; Google Alerts|
|Cloaked Hacks||Cloak parasite content so that only Googlebot sees it.||Google referral traffic stealing||A user-agent spoofer|
|Cloaked Redirects – .htaccess hacks||Make it look like the pages of a website moved to a new domain name. In this case, search engines will more or less pass the “value” of a page on to the new URL.||PageRank stealing||Google URL: advanced operator (check if the URL is indexed); a user-agent spoofer|
|Complex Cloaking – using IP and cookies||Cloak parasite content by user-agent and IP address.||Traffic stealing||Browse your site with cookies turned off; study your server logs|
|DNS Troubles||Set up a website that looks enough like the original; hijack the original domain via cache poisoning for as many ISPs/companies as possible, causing their traffic to hit the phony site instead.||Traffic stealing||Check your DNS settings and fix any warnings you get; run a DNS report.|
|Adsense Code hack||Replace your AdSense or affiliate IDs.||Adsense or affiliate income stealing.||Check your Google account stats|