Malware Removal — Hacked Stone Masonry Website
Industry: Stone masonry
The situation
A stone masonry company had a recurring problem with their website. After every backup restore, the site would work fine for a few days, then "disappear" — the homepage would get replaced. The previous administrator couldn't find the cause, and the client needed proper malware removal from scratch. The client found me through a referral.
The problem — site kept returning to a botnet after every restore
The site was built on outdated components that hadn't been updated in a long time. The symptom was that after restoring from backup, everything looked normal for 2-3 days, then the homepage would get overwritten — the site became part of a botnet. The previous administrator restored the site from backup multiple times, but the problem kept coming back because the backup itself contained the same vulnerabilities.
What I did — file-by-file analysis and 9 vulnerabilities found
I performed an in-depth analysis of the entire site's code, file by file. I identified 9 different entry vectors — points where attackers could get into the system. This wasn't a single breach — it was nine independent vulnerabilities, each sufficient on its own to take over the site. After identifying all entry points, I updated all needed components, all plugins and the theme to their latest versions. Where updates weren't possible (abandoned plugins, unmaintained themes), I replaced them with actively maintained alternatives, free from known vulnerabilities and regularly updated. I also implemented basic security measures: changing default login paths, limiting login attempts, HTTP security headers, and file integrity monitoring. I prepared a simple guide for the client — what to do to prevent this from happening again.
Result
The problem never came back. The site has been running stable since the fix. The client no longer has to restore backups every few days and wonder what happened.
Has your site been hacked? — I'll respond within 24 hours
Describe the problemFacing a similar problem?
Tell me what you're dealing with — I'll respond within 24 hours and be straight with you about whether I can help. No strings attached.