Hack: Google Analytics accounts preferred

Currently, there are again a number of website hacks and takeovers of Google websites. Especially with Joomla created pages are again infested en masse.

Many website owners know the problem: Some files have been uploaded which are used to try to Spam or code is inserted into the page that offers Trojan horses for download.

This often happens with widely used CMS systems like Joomla, WordPress or Drupal, because the website owner neglects to install updates, or has installed plugins and themes from free or dubious sources, which have either already been delivered with vulnerabilities, or are no longer being developed.

Most of the time these installations are manipulated automatically (found via google) and only much later misused to send spam or other actions. It is therefore advisable not only to constantly update your installation, but also to completely delete unused plugins and themes, or to regularly export the pure content of the pages and re-import them into a fresh installation.

Trojans are also used to spy out access data in order to create an administrator account in the CMS system or, more recently, to completely take over the website at the google index.

For this purpose, a new page owner is added and a code is placed in the website, which is then used for authorization at google. The new page owner can then use all the possibilities that google makes available in its services. Particularly annoying: it cannot be removed without further ado.

 

Current articles