Short tutorial on Gumblar attack and ways to retrieve your website from Gumblar attack.
What is Gumblar Attack?
Gumblar Attack is a kind of coding attack, where the hackers inject some malicious code into your website files. Visitors to the site affected by Gumlar attack will be redirected to an alternative site that contains further malware. When a person visits such an attacked website, the malicious code in the attacked website would read and send all the password informations you stored in your PC (such as FTP password infromation used in Filezilla ) to the hacker. The hacker could use those informations to hack and put malicious code into your website and make it vulnerable.
Now these kinds of sites are detected by google and blocked from viewing in browsers such as Firefox, Chrome etc. So when you view an attacked site using Firefox browser you will get a warring like Reported Attack Page, in Chrome as The Site ahead contains malware instead of displaying your website contents. The website under Gumblar Attack in Firefox and Chrome will look like the screenshot given here.
How To Retrieve Website From Gumblar Attack?
In this short tutorial, we will discuss on how to retrieve website from Gumblar Attack.
Step 1: Remove all the unwanted files or files that are infected from your website.and
Step 2: Upload fresh files from your backup.
Step 3: Change your FTP password.
Step 4: Do not store password information in FTP clients (like using quickconnect options found in Filezilla) and dont use browsers for FTP connections.
Step 5: Make sure your system is secured with fresh os or with proper antivirus and firewall.
Step 6: Request Google and Firefox to de-list your site from the vulnerable site list maintaned by them ( for this click here)
Step 7: After which Google/Firefox will provide you with a .html file (like:googlec70cb32d9d6baa2d.html). Upload the same under your doc root folder.