The client’s company was founded in 2003 as a web-based start-up. The business adopted a channel sales strategy, offering dropshipping services.
Last year the business suffered a severe cyber-attack, just as it was growing at 4 percent a month and had recently expanded into a new market.
The client had a B2B e-commerce website that was generating a growing revenue. They had invested in design and development, worked hard to write good copy and multiple blog posts, put a lot of money in marketing and advertising. But one day they discovered that their website got hacked and was spreading malware and spam.
DOS attacks and single targeted sites on servers are fairly common for hosting providers, but this attack was different. The hacker had managed to bypass the company’s entire security protocol, get behind its firewall, and gain access to its master user access information.
At this point, Chrome and other mainstream browsers started showing the dreaded “The site ahead contains malware” screen when clients tried to access the website.
There are some options a website owner can consider when their website gets hacked. One option for sure is to rebuild the sites from scratch and migrate the content to the new website. This option will take a lot of time, and in some cases, might cause a lot of downtime for your website and business, but sometimes this is the only way to go.
Another option is to try and recover your site by - scanning the files (restore to the latest stable git branch if you use version control), grep the whole DB for PHP code, base64, eval, or iframes, check the file change dates, diff plugins/themes with original versions, update/upgrade, and change access credentials, check the access logs for suspicious entries. After the client’s website got hacked, they hired a support provider to check out the website, identify and remove the malware.
The website functioned properly for a short while. But it wasn’t long before it became infected again.
With the drop shippers possibly losing their businesses, the company had no choice but to seek a quick alternative solution.
At this stage, they decided to turn to a professional WordPress support company – and chose to work with AirDesigns. Not only we were able to identify and remove the malware, but we also identify the hidden back door where the attackers kept re-entering the site. By closing down this entry point, the attack was stopped – and is now working optimally and continues to be malware-free. The website is constantly monitored by AirDesigns and regularly updated with the latest version of WordPress and the plugins to avoid Zero-day exploits.
“The lesson-learned – do thorough research when looking for companies providing security-related services, because security is not something that should be taken lightly, and it’s quite costly to fully recover from a hack”, said one of the co-founders.
It took our client 5 months to fully recover their business after the incident. Some of their clients lost trust in their business and move away with another provider.
Their organic search on Google had plummeted as well and they stopped appearing on the first page. It took about 2 – 3 weeks to get back up.
Their company lost not only real business by losing some of their drop shippers, but they also lost over 100K by missing out on clients for these few weeks.
As our client said – he has learned a valuable lesson. Some website owners have no idea their website is vulnerable or even hacked until the worst-case scenario has happened – revenue and potential clients are lost. These things happen daily and there are thousands of businesses that suffer.
If you don’t want to live the same story, the very first thing is to upgrade your website and plugins to the latest versions.
It's never too late to take the first steps towards securing your site online.