Cyber Security Center

Remove Zuponcic


Zuponcic

Vulnerable computer systems and applications:

Websites and their content management systems (CMS).

Description:

The malicious code (embedded in the .htaccess file) responds only to certain User-agent fields and only to those site visitors who come from commonly known sites, such as Google, Facebook, Yahoo, LinkedIn, etc. For this reason, some anti-virus programs do not detect anything suspicious. Users accessing infected websites get redirected to malicious pages, where malware is lurking.

Recommendations:

In case of breach:

  • Remove malicious code in the .htaccess file;
  • Update CMS;
  • Change administrative passwords.

 

Prevention:

  • Make web content management systems (CMS) accessible only from an internal corporate network or from established IP addresses;
  • If you use an open-source CMS, keep them up to date;
  • Do not use unnecessary CMS plugins;
  • Periodically change passwords for administrators and those users who have access to the CMS;
  • Search for vulnerabilities.