Security announcement: Your website, online store or web application may be vulnerable to malware
On December 26th 2019, we discovered a malware named XsamXadoo Bot. This malware can be used to have access to a website, an online store OR a web application and take control of it. Recently we successfully recovered our client’s webshop from XsamXadoo malware. Now we can recovered any website, online store or web application from this malware in an hour. Please contact us immediately if you need any help.
What an attacker/malware could do?
- This vulnerability gives an attacker access to your website: for instance, this means an attacker can potentially steal your data.
- Can remove website’s database and source files.
- Ask for ransom money to recover the site.
- Use your server as a proxy.
- Read/modify ALL files on the server
Why your store is attacked and how can it be prevented?
- A web application with an Unrestricted File Upload vulnerability, which allowed attacker to upload a malware.
- Wrong permission of your files and folders on server
- Hosting server’s login credentials
- FTP login credentials
- And many other possibilities