Glossary
security

Malware

Definition

Malicious software that hackers install on websites to steal data, redirect visitors, or use your server for attacks.

What is Malware?

Malware (malicious software) is code injected into websites by hackers. It can steal visitor data, redirect users to scam sites, display unwanted content, or use your server to attack other sites.

Website malware often operates invisibly – you might not know you're infected while your visitors and reputation suffer.

Why Website Malware Matters

Visitor Harm

Malware can infect visitors' computers, steal their passwords, or redirect them to phishing sites.

Google Blacklisting

Google detects many malware types and displays scary warnings to visitors, or removes your site from search results entirely.

Email Blacklisting

Servers hosting malware often get blacklisted, preventing your emails from being delivered.

Legal Liability

If your site infects visitors or leaks their data, you may face legal consequences.

Recovery Costs

Cleaning a hacked site is time-consuming and expensive. Prevention is far cheaper.

Types of Website Malware

Backdoors

Hidden access points allowing hackers to re-enter even after cleaning.

SEO Spam

Hidden links to gambling, pharmacy, or other spam sites. Damages your SEO.

Redirects

Visitors sent to malicious or spam websites without your knowledge.

Phishing Pages

Fake login pages hosted on your site to steal credentials.

Cryptominers

Scripts using visitors' computers to mine cryptocurrency.

Defacements

Visible changes to your site's appearance, often with political or promotional messages.

How Websites Get Infected

Outdated Software

Unpatched CMS platforms, plugins, and themes are the #1 entry point.

Weak Passwords

Brute force attacks guess simple passwords.

Compromised Plugins

Nulled (pirated) or abandoned plugins may contain malicious code.

Infected Development Environment

Malware on your computer can upload itself when you update your site.

Compromised Hosting

Poorly secured shared hosting can allow cross-site infection.

Detecting Malware

Warning Signs

  • Google warnings in search results
  • Unexpected redirects
  • Slow site performance
  • Unfamiliar files or code
  • Spam links in your content
  • Customer complaints

Scanning Tools

  • Sucuri SiteCheck
  • Wordfence (WordPress)
  • Google Search Console security issues

Prevention

  • Keep everything updated
  • Use strong, unique passwords
  • Install reputable security plugins
  • Use a web application firewall
  • Regular backups (in case cleaning is needed)
  • Only install trusted plugins and themes

Related Terms

Firewall

A security system that monitors and filters traffic to your website, blocking malicious requests before they reach your server.

HTTPS

The secure version of HTTP, using encryption to protect data between websites and visitors. Indicated by a padlock icon in the browser.

SSL Certificate

A security certificate that encrypts data between your website and visitors, shown by the padlock icon and 'https://' in the browser. Essential for security and SEO.

Website Security

Protecting your website from hackers, malware, and data breaches through technical measures and good practices.

Explore More Terms

301 RedirectCustomer SegmentationLast-Click AttributionSchema MarkupZero-Click Search

Previous

Magento

All Terms

Next

Manual Action

Want to Learn More?

Check out our in-depth guides on web design, SEO, and digital marketing.

Browse All GuidesAsk a Question