Хостер ругается на вредоносный контент на сайте

Hello Unity,

During our server monitoring we noticed malicious content hosted on the following account:

> FastCloud - unitysp.com

These malicious files can negatively impact the performance of your websites by spawning malicious processes that would consume additional resources on your Hosting Account.

Furthermore, a Malware Infection on your website can result in the stealing of the personal information of your users, such as passwords, credit card numbers, etc.

Last but not least, a malware infection will often modify the core files of your application which may break the functionality of your website which would make your website completely inaccessible.

With that in mind, a malware scan has been performed for your account, and the same detected - 26 - of files that contain malware.

I have generated a report containing all of the files detected by the scan and the same is available in the home directory of your account:

> /home/unityspc/malware_scan_25-Jun-2021-14.54.txt 

In order to avoid a negative impact on your website and its users, you should review the files from the report with the assistance of a Certified Web Developer or a Security Expert as soon as possible. They would be able to review the files from the report, delete the ones that are not associated with your application and clean only the malware from the files that are part of your application.

In most cases, your websites are infected with malware due to a security hole in your application caused by a weak password, or an outdated version of your application, its theme, or the plugins/modules installed on your website.

With that in mind, your Developer should review the website for any security holes and patch them in order to avoid such an issue in the future.

In order to prevent your website from being compromised in the future I would recommend the following steps:

1. Use a strong password for the Admin Dashboard of your website.

2. Make sure that your application, theme, plugins, and modules are updated to the latest version.

3. Make sure you only use themes, plugins, and modules created by reputable developers with a high number of downloads and that are still supported by their developers with new security patches.

4. Remove any unnecessary scripts from your account.

5. Remove old staging copies of your website which have not been updated.

6. Scan your local devices for malware and key loggers which can be used to steal the passwords for your account and website.

Considering the above, I would strongly advise you to contact a security specialist for further review on your website, so he/she could patch any security holes and prevent further exploits. If you would like, you can check over the internet, for any security extensions/plugins/modules for your websites, that can use to further secure your websites. Unfortunately, we will be unable to assist you in that regard, as the task at hand would require development knowledge while we are hosting oriented company, and such development related tasks fall out of our scope of expertise

Once you have cleaned the malware from your account, please update us via this ticket so that we may initiate another scan of your account.

Also, note that such malicious files would often result in the upload of Phishing Pages on your website. The malware can also cause the spawning of processes that would trigger Outbound Brute Force Attack, Spam, or Crypto Miners which is something that we simply cannot allow on our Shared Hosting Environment.

In such a case we might be forced to place a restriction on the website in question or your entire account to prevent the malicious activity generated by the same.

We will be waiting for your update on the matter.

We are here to support you 24/7

Kind Regards,

Technical Support Team