Malware
SecurityMalware is malicious software designed to infiltrate, damage, disrupt, or gain unauthorized access to computers, websites, or networks. In web hosting, malware can infect site files, databases, or user sessions, leading to defacement, spam sending, data theft, SEO poisoning, and account takeover. It often spreads through vulnerable plugins, weak passwords, outdated applications, or compromised hosting accounts.
How It Works
Malware typically enters a hosting environment through an exploitable weakness: an unpatched CMS core, a vulnerable theme or plugin, stolen FTP/SFTP credentials, weak admin passwords, exposed admin panels, or insecure file permissions. Once it lands, it may drop additional files (a “payload”), modify existing code, or create persistence mechanisms such as hidden backdoors, scheduled tasks, or injected snippets that reappear after cleanup.
On websites, common behaviors include injecting spam links for SEO manipulation, redirecting visitors to phishing pages, skimming form data, creating rogue admin users, or using the server to send spam and participate in botnets. Malware often tries to evade detection by obfuscating code, hiding in writable directories (like uploads), mimicking legitimate filenames, or storing malicious logic in the database. Effective remediation usually requires removing the malicious code, closing the entry point, rotating credentials, and restoring clean backups when needed.
Why It Matters for Web Hosting
Malware risk directly affects which hosting plan and security features you should prioritize. When comparing hosts, look for account isolation, automatic patching options, malware scanning and alerting, Web Application Firewall (WAF) support, DDoS protections, secure backups with easy restores, and clear incident response policies. A plan with stronger isolation and recovery tools can limit blast radius, reduce downtime, and make cleanup faster if an infection occurs.
Common Use Cases
- Website defacement or content injection (spam pages, hidden links, malicious redirects)
- Credential theft and account takeover (CMS admins, FTP/SFTP, database users)
- Data exfiltration from forms, carts, or user accounts (skimmers, keyloggers, session hijacking)
- Abuse of server resources for spam sending, crypto mining, or botnet activity
- Backdoors that maintain persistent access after partial cleanup
- SEO poisoning that harms rankings and triggers browser or search engine warnings
Malware vs Virus
Malware is the broad umbrella term for any malicious software, including viruses, worms, trojans, ransomware, spyware, and web shells. A virus is a specific type of malware that typically attaches to legitimate files and spreads by replication when those files are executed. In hosting discussions, “malware” is usually the more accurate term because website infections often involve trojans, backdoors, and injected scripts rather than classic file-infecting viruses.