Bluehost Web Hosting Help

How the Social PNG Hack Works

Overview

The Social PNG hack is a method used to alter a websites behavior or content. A hacker may make a file containing malicious code and format the file to appear as an image. The image will follow the png format and will often be called social.png. This is done so that it appears to be a common and harmless file that any website might have normally.



How You Get It

There are many ways the file could have been placed on you website, too many in fact to cover all of them. The most likely is that it came from a plugin or theme that you installed on your site which included the malicious file. Often you would have no idea you were uploading an infected file to your site as the hacker would make the plugin look as legitimate as possible.

What it Does

Once the file is on your site, the hacker can control your site and manipulate it in any number of ways. You may not notice anything at all or you may see any of the following:

  • Your site starts redirecting to another site
  • Links to another site start appearing on your site
  • Unwanted advertisements may appear on your site
  • Search engines and browsers may start warning that your site is dangerous
  • Your site may simply break and show a white page or an error message.

There are other ways it may manifest itself or it may not manifest itself at all and instead work quietly behind the scenes just gathering data and using your processing power.

What to do if You Have It

If you aren't sure how to identify compromised files or correct them, consider a professional malware cleaning service like SiteLock clean the site for you.

If you are a developer or very familiar with the website, consider the following courses of action.

  • Identify the infected social file and remove it, identify any other files that have been changed and make corrections as necessary.
  • If you know when the file was placed on your site, replace your website with a clean copy from a backup taken prior to the infection.
  • Have a professional malware service like SiteLock clean the site for you.
Knowledgebase Article 23,582 views bookmark tags: hack security wordpress


Was this resource helpful?

Did this resolve your issue?


Please add any other comments or suggestions about this content:





Recommended Help Content

WordPress: How to Uninstall a Plugin

Uninstall a WordPress Plugin

WordPress: How to Delete or Uninstall a Theme

How to Delete or Uninstall a WordPress Theme

Basic Site Security Checklist

What can I do to increase my Site Security while hosting with Bluehost?

Related Help Content

Change WordPress URL's With WordPress Tools

This article will explain how to change the Site URL or Home URL setting in WordPress. This may be useful if you have moved your WordPress site or are planning to move your WordPress site.

Migrating an Existing WordPress com Site

If you have a WordPress blog hosted on wordpress.com, you can easily export it and import it to WordPress that is installed on your hosting account with bluehost. Login to the WordPress D

How to Login to a WordPress Site

This article will explain how to login to a website created with WordPress.

Login to WordPress with WordPress Tools

This article will explain how to login to a WordPress site using WordPress tools.

How to install WordPress

Learn how to use WordPress, WordPress started as just a blogging system, but has evolved to be used as full content management system and so much more through the thousands of plugins, widgets, and themes now available.

Core Files Warning In WordPress Tools

This article will explain why you see "Your WordPress site appears to be infected with malware. Please update to remedy this problem."

Logging in and Using WordPress: Preventing Spam

Prevent Spam These steps will help you prevent users and robots from posting Spam on your WordPress blog. Inside the WordPress Dashboard, select Settings in the navigation bar on the left. From the G

WordPress Creating Editing Removing posts

How to use the Posts feature of the WordPress Dashboard