Why do hackers bother hacking websites?
Whether you have a site built with Joomla or a site built with WordPress, it is vulnerable to being hacked. Hackers range from inexperienced kids looking to get started to sophisticated crime syndicates. A script kiddie who has very little technical experience may simply go around defacing websites for fun and bragging rights, whereas a black hat hacking syndicate may spend more time evading malware scanners, developing complex command and control networks to maximize their impact, and monetizing compromised sites using SEO spam links and other methods.
Many clients ask me ‘but what do people have to gain from hacking my site? It isn’t even a shopping cart site!’. Here are the top 9 reasons why hackers are constantly trying to hack into websites.
Hacker Motive #1: Installing Backdoors
A backdoor is a piece of code inserted somewhere on a site that provides an attacker with the ability to execute commands on the compromised site’s server. Once an attacker gains access, they can potentially escalate their privileges by exploiting kernel-level vulnerabilities to gain root access to the server, which would allow them to take over other sites hosted on the same server.
Hacker Motive #2: Defacement
Defacement occurs when an attacker alters the content, or face, of a site to something else, typically with no real immediate benefit to themselves. This can be something as simple as a tagline like “This site was hacked by r0gu3 1: L33t Hax0rs” with a green cyber text background. Most of the time attackers will deface sites to send a political message or simply to show off. There is typically no monetary gain from defacing a site. A “Defacement Contest” is when attackers attempt to deface as many sites as possible to claim victory over other attackers, purely for bragging rights.
Hacker Motive #3: Spam/SEO Content Injection
Spam/SEO content injection occurs when an attacker injects HTML containing visible or hidden links to external websites in hopes of improving the search engine ranking for those sites. This is mostly done for monetary gain. Attackers can be paid on the black market or dark web to improve a site’s SEO rankings, or they can aim to improve the SEO of their own sites by injecting these spam links into victims’ sites.
Hacker Motive #4: Spam Page Creation
Similar to spam links, spam pages try to push a site in a highly competitive and profitable niche higher in the search engine results pages. Unlike spam links, however, these attacks consist of multiple HTML pages containing spam content injected into a compromised site. They can also involve spam pages being created within WordPress itself. Sites that have older domain names have higher authority ranking factors on search engines and are a more desirable target for attackers, as the domain authority is also transferred to the spam pages created by the attacker. The motive for attackers in this scenario is monetization.
Hacker Motive #5: PHP Mailer Creation
A PHP mailer script sends emails on a server through PHP code. Attackers will often use these scripts on a compromised site to exploit the mailing functions of the server and send out unwanted spam messages. Spam usually refers to unsolicited emails designed to grab your attention to try and get you to purchase a product. Spam can also consist of emails designed to trick you into executing actions like entering your password, which would be considered phishing, or to initiate other common scams.
Why do attackers compromise sites to send spam?
It’s simple. You have a reputable and legitimate site, so it is an attractive source for spam emails: it will take longer for the attacker to be detected and shut down. By using your site’s email service as the email source, an attacker is likely to bypass many email filters, and their spam messages will get delivered successfully to more targets. Again, the motive here is to earn money and go undetected for as long as possible.
Hacker Motive #6: Phishing Campaigns
Phishing involves using legitimate-appearing emails to try and trick a user into performing some sort of action, such as logging in to a fake online banking site. Compromised WordPress sites can be used as a source of phishing emails being sent out, and they can host phishing pages posing as a different site in order to collect sensitive information. A phishing kit is essentially a bundle of files used to create a webpage resembling a legitimate site such as Google Drive or an online banking site. In these cases, your site would act as a free host for malicious attackers hosting a phishing page to harvest user details.
Hacker Motive #7: Malicious Redirects
Malicious redirects are used to redirect legitimate site users to an alternative site, typically in hopes of infecting the victim’s computer through a malicious download. Attackers like to install malicious software on user computers for a plethora of reasons, but it nearly always stems from one motive: monetization. Attackers will also sometimes choose to redirect site users to a spam site in hopes of selling products to, again, try and monetize.
Hacker Motive #8: Command & Control Server With a Botnet
A botnet is a group of already compromised hosts, referred to as “zombies,” typically used by an attacker to try and infect additional hosts or execute a DDoS attack. This is a motive where attackers don’t necessarily care about the visibility or traffic to your site, but rather they are looking to utilize your site’s hosting resources.
Hacker Motive #9: Cryptomining
Cryptomining infections occur when attackers infect sites with cryptominers, which are used to earn cryptocurrency, a digital form of currency utilizing a blockchain. This is another scenario where the attacker’s motive doesn’t require your site to be visible or popular; rather, the site’s hosting resources (or visitors) are exploited to provide monetary gain to the attacker.