Chrome Catches Malware

Quartzlight Marketing Posted on by

Here’s how Google Chrome catches malware in its browser and warns you when other browsers cannot:

Have you ever seen this dreaded screen when you call up your website?

If you have, you know how scary and frustrating it can be.  Occasionally, it happens to one of our client’s websites and, we can tell you with confidence that, it can be fixed.

If your website is hacked, then your site very well may disappear off Google search results.  No one can find your site if you are removed from search results.  Therefore, you will want to take all measures to avoid getting hacked, and/or clean up problems as soon as you discover them.

Case study:

The website of one of our clients, a vibration analysis company in the Northwest, encountered this very error the other day.  The warning of possible infection downloaded to the computer we were using was enough to send us clicking away from the site, but we (of course) wanted to know what was happening and why.

Google Chrome browser was the only browser to detect the malware infection. Firefox and Safari browsers did not see the infection.  Furthermore, meta descriptions for the site were showing up fine in both Google Search and Bing.

  • To “enable phishing and malware protection” in Chrome, follow these steps:  (you can find detailed solution at this site here: http://www.im-infected.com/how-to/enable-phishing-and-malware-protection-google-chrome.html
    • In Chrome, click the 3 layered icon in the upper right corner.
    • Choose “settings” from the drop down menu.
    • In settings, scroll to the bottom of the list and click on “advanced settings.”
    • Make sure that “enable phishing and malware protection” is checked.

For us, and our clients, this is a very worthwhile feature of Chrome, and alerted us to a hack on a site when other browsers where flat out missing it.  By the way:

Here’s what we did to clean up the infection and lock the site down further

  • Log in via ftp to the site and look for files that have changed in the last day.  We found that a plugin seemed to have been breached.
  • Installation of anti malware plugin.  (We use GotMLS).  The plugin found that header files in the themes were being overwritten with additional code that forwarded to other domains.
  • We then cleaned the files by updating older versions of themes, and/or letting the malware program clean them up.
  • Next, we checked our security settings (currently iThemes) and revised the brute force attack settings to automatically ban ip addresses that try to log in as “admin” and lockout the backend during non-business hours.
  • Then, we run spot checks in between the regularly scheduled maintenance work blocks:
    • Check FTP for changed files since the last checkup.
    • Run malware scan
    • Check your logs in your security software for unusual activity.

Here’s what you can do after you are cleaned out to make sure you are “Google Compliant.”

https://support.google.com/chrome/answer/99020

 

Comments are closed.