Our security scanners detected thousands of recently infected websites by this fake outdated browser update malware which shows a popup window asking the visitor to update their outdated browser by clicking on the “Update” button which is a link to malicious .exe or .zip files to infecte their computers.
The malware is targeting Firefox, chrome, IE and other browsers and it shows customized popup windows to match the browser you are using.
1- The most important step is to stay calm and focused. Stress is a counterproductive. Take a deep breath and continue reading.
2- It’s very important to generate a full website and database backup.
3- Get a fresh Joomla copy from https://downloads.joomla.org/ and compare your current live files to the fresh copy you just downloaded using diff Linux command or file comparison tools such as DiffNow or similar tools. Check all reported and infected files and clean or replace it with a clean copy.
You can also use this SSH command to list all modified files in the last 7 days:
find . -type f -mtime -7
Most Joomla malware infections are targeting the core files and folders. If the malware/hack issue remains then you need to check and investigate your themes and plugins that you use on the website. If it continues, then you need to check your database too. You may also need to check your index.php , configuration.php and .htaccess file and other common files for any inserted and injected malware.
4- Update and upgrade Joomla, themes and plugins once you clean and remove the malware/hack. Remove any themes or plugins you don’t use.
5- Review your administrator users for any hidden fake admin users created by the hackers. Make sure to change all of your passwords.
6- Review your plugins and make sure you recognize all of it, Fake plugins installed and placed by hackers are very common. Remove any plugins you don’t use.
7- Once you are done cleaning your website, It’s the time to make a full website backup including database backup.
8- Scan your computer using a good anti-virus software.
9- Check if your website is blacklisted by any search engines or blacklists / anti-virus vendors (Google, Bing, Norton, McAfee, Yandex, etc) and submit reconsideration and reindexing requests whenever needed to make sure your SEO and ranking is not affected by the hack.
10- Stay current and up2date, Keep your Joomla, plugins, themes and everything updated and frequently change your passwords.
Signup now and let’s clean & protect your websites!