This is the 1st part out of 4 of our Backdoor Attacks Guide. In this article you can learn more about what is a Backdoor Attack and why it is dangerous. We will also feature some of the basic Backdoor types and examples,

What is a backdoor A backdoor is a method that allows the bypass of some or all security checks in order to control some aspect of a system or an application. A backdoor may take the form of a separate program, a hidden piece of code or a hardware feature. In this series of articles we will talk about different types of backdoors, how they work, and how to defend yourself against them. Why they are dangerous If a hacker has a backdoor to your web server, the server may be abused without your knowledge. There can be a number of reasons for a hacker to have a backdoor in a system, here are three of them: Distributed Denial of Service (DDoS) The first one is for the hacker to force the affected server to participate in a Distributed Denial of Service Attack. This happens by making the server send lots of packets to a certain destination. Denial of service attack

is when a hacker tries to make a machine or network resource unavailable, for example, by overwhelming the resource with a large amount of traffic. The denial of service becomes distributed when multiple machines all over the world participate in the attack. In this case, the hacker will have backdoors in a lot of systems that can all be used to perform a distributed denial of service attack. The servers which participate in such attacks might be blacklisted. Distribute malware Another reason the hacker might set up a backdoor in your webserver, is to distribute malware to the website’s visitors. This malware is usually ransomware or adware wherein the hacker will benefit financially from distributing it. When this occurs, the site will become blacklisted by browsers like Chrome. Steal information In this case, the backdoor will be a way for the hacker to access the webserver from time to time to steal important information from the server, like customer…

Internet has revolutionized the world primarily due to World Wide Web (www). Currently, there are more than 1 Billion websites on the web. That number is growing with each passing day, as more of the world gets connected and technology makes it easier for people to have a voice and online presence through websites. Websites are the way we shop, work, pay our tax bill and run our businesses.

Introduction Initially, websites was functionality focused and much of attention was paid to designing, user interfaces, user experiences and functionality of the web. Over the period of time, websites became an easy target for hackers due to easy accessibility and little to no security features implementation. Prevalent, threats to websites are related to online privacy, security and transactions. Website security encompasses more than the information in transit between your server and visitors to your website. Enterprises need to take utmost care of their websites as part of an entire ecosystem that needs constant care and attention, if they want to retain people’s trust and confidence. Web sites will be at stake as ecommerce becomes increasingly common in our daily lives. From ordering groceries to booking holidays, we are doing more and more online. In fact, Ecommerce Europe reports that global business-to consumer ecommerce turnover grew by 24 percent to reach $1,943 billion in 2014 and business-to-business ecommerce is expected

to be worth $6.7 trillion by 2020. Website security has never been more important or relevant. The consequences of failing to reinforce website security are likely to extend beyond the costs to an individual company, it will not only damage the consumer confidence but also the company’s repute and financial losses will be huge. Websites are vulnerable to attacks leading to malware and data breaches. Websites are road to much sophisticated attacks as these are a way into a company’s network, these are a way into company’s data repositories and these are a way to reach company’s customers and partners. Website Vulnerabilities Trends in 2015-2016 Websites succumb to following vulnerabilities and attacks as per statistics and research conducted in 2015 and 2016. Arbitrary Code Execution Arbitrary code execution is used to describe an attacker's ability to execute any command of the attacker's choice on a target machine or in a target process. Remote Code Execution Remote code execution is the ability…

If you think your website has been hacked, it's good to determine the nature of the hack as soon as possible. There's many different types of hacks and some hacks can be malicious. Other hacks are just defacements to your actual webpages.

Indicators of compromise Some hacks are quite apparent since they deface your page, while others are more subtle. Here are some common signs that your website has been compromised: Your home page has changed. If you visit your website, and instead of seeing the page you have created you see something entirely different it's likely that your page has been "defaced." Normally, these types of hackers will have a "hacked by..." message displaying to take credit for the hack. Your access to admin pages no longer exists. If you cannot access your admin section of your website, it's possible the hacker has gained access to the adminsitrator account or cpanel and altered the passwords. Your computer's anti-virus software warns you when you visit your website. This is a typical situation where your website is trying to install a trojan or another type of virus on your local computer. A page will not load but it used to. If you haven't

changed anything on your website and it is now not loading this could be a sign of a hack. This is not a typical hack but usually inidcates that the hacker has modified a database so it no longer functions as it should. The most common methods of hacking a website are: Compromised cPanel or FTP account password Code Injection Remote File Inclusion If you password has been hacked or compromised, this will typically be a defacement type of hack. If you use a content management system, the hack was usually done be exploiting the software. It is important when you use CMS software such as Joomla, WordPress, and OSCommerce to keep the software up to date. Google Chrome (or another browser) Alerts You To The Hack If one of your visitors (or you) see one of the following warnings in Chrome, your site has likely been hacked and infected with malware. This warning indicates that your site has been…