Malware is a major cybersecurity threat, which can affect your websites (and your business) too. Acunetix can help website owners detect malware on their web pages and in their web applications by integrating with renowned malware detection services and software. This is very important for website security because undetected malware affects the performance of your web server, causes your users to see malware flags in their browsers, and decreases the confidence and the SEO rating of your site, reducing your search engine ranking.
There are two ways in which Acunetix protects your web assets from security issues related to malware infection: malicious link detection and malicious script detection.
Malicious Link Detection
Acunetix uses safe browsing (blacklisting) services from Google and Yandex as the basis for detecting security threats associated with suspicious links. If your website or web application links to a site that is known to be on the blacklist, for example, a hacked website under defacement, that external link will get flagged by Acunetix during a scan thanks to the blacklist monitoring engine. If a malicious link is found in your web assets, it could mean that either your website was attacked or the website that the link is pointing to was attacked. Most of the time, malicious links appear on your site because of ineffective user input filtering. For example, if your web assets include a non-moderated comment section, malicious links could be inserted there by visitors.
Malicious Script Detection
When you use website monitoring with Acunetix, the website scanner identifies not only links but also malicious code in scripts (primarily JavaScript) that are present on your website or accessed via your web application. Acunetix downloads such files and scans them for malware such as trojans, backdoors, spyware, and more. Malware is detected using renowned malware scanning engines. In the case of Microsoft Windows, Acunetix uses the built-in Microsoft Defender. On Linux and macOS, Acunetix integrates with free ClamAV antivirus software. Note that even though both these anti-malware tools have malware removal capabilities, you will need to remove malware from your web assets manually.
Eliminating the Underlying Causes
If you find malware scripts on your website or in your web application, it means that you have serious underlying web security issues, which allowed the attacker to upload this malware. This may, for example, be a stored Cross-site Scripting (XSS) vulnerability or an SQL Injection. The Acunetix web security scanner helps you detect such underlying issues, both in your proprietary web software and in popular products such as WordPress or Joomla (including plugins).Recommended reading
Learn more about prominent vulnerabilities, keep up with recent product updates, and catch the latest news from Acunetix.
“We use Acunetix as part of our Security in the SDLC and to test code in DEV and SIT before being promoted to Production.”
Kurt Zanzi, Xerox CA-MMIS Information Securtiy Office, Xerox