- The Situation
A Monday morning no business owner wants to have
- The Challenges
WordPress site completely defaced with spam content replacing the homepage and key service pages
Contact form hijacked and sending hundreds of phishing emails, risking domain blacklisting
Google Safe Browsing flag showing warning to all visitors trying to access the site
No backups existed, the site had never been properly maintained since it was built
- Our Approach
1
Immediate containment
Within an hour of being contacted we had access to the site and began containing the breach, disabling the contact form and blocking the malicious scripts.
2
Full malware removal
Removed all malicious files, backdoors and injected code from the WordPress core, theme files and database.
3
Site restoration
Rebuilt the defaced pages using Google cache and Wayback Machine records. Restored full functionality within 4 hours.
4
Hardening and ongoing protection
Installed enterprise security, enabled two-factor authentication, changed all credentials and submitted Google reconsideration request. Set up daily backups going forward.