Bluehost Web Hosting Help
How the Social PNG Hack Works
The Social PNG hack is a method used to alter a websites behavior or content. A hacker may make a file containing malicious code and format the file to appear as an image. The image will follow the png format and will often be called social.png. This is done so that it appears to be a common and harmless file that any website might have normally.
How You Get It
There are many ways the file could have been placed on you website, too many in fact to cover all of them. The most likely is that it came from a plugin or theme that you installed on your site which included the malicious file. Often you would have no idea you were uploading an infected file to your site as the hacker would make the plugin look as legitimate as possible.
What it Does
Once the file is on your site, the hacker can control your site and manipulate it in any number of ways. You may not notice anything at all or you may see any of the following:
- Your site starts redirecting to another site
- Links to another site start appearing on your site
- Unwanted advertisements may appear on your site
- Search engines and browsers may start warning that your site is dangerous
- Your site may simply break and show a white page or an error message.
There are other ways it may manifest itself or it may not manifest itself at all and instead work quietly behind the scenes just gathering data and using your processing power.
What to do if You Have It
If you aren't sure how to identify compromised files or correct them, consider a professional malware cleaning service like SiteLock clean the site for you.
If you are a developer or very familiar with the website, consider the following courses of action.
- Identify the infected social file and remove it, identify any other files that have been changed and make corrections as necessary.
- If you know when the file was placed on your site, replace your website with a clean copy from a backup taken prior to the infection.
- Have a professional malware service like SiteLock clean the site for you.
Recommended Help Content
WordPress: How to Uninstall a Plugin
Uninstall a WordPress Plugin
WordPress: How to Delete or Uninstall a Theme
How to Delete or Uninstall a WordPress Theme
Basic Site Security Checklist
What can I do to increase my Site Security while hosting with Bluehost?
Related Help Content
Change WordPress URL's With WordPress Tools
This article will explain how to change the Site URL or Home URL setting in WordPress. This may be useful if you have moved your WordPress site or are planning to move your WordPress site.
Migrating an Existing WordPress.com Site
If you have a WordPress blog hosted on wordpress.com, you can easily export it and import it to WordPress that is installed on your hosting account with bluehost. Login to the WordPress D
How to Login to a WordPress Site
This article will explain how to login to a website created with WordPress.
Login to WordPress with WordPress Tools
This article will explain how to login to a WordPress site using WordPress tools.
How to install WordPress
Learn how to use WordPress, WordPress started as just a blogging system, but has evolved to be used as full content management system and so much more through the thousands of plugins, widgets, and themes now available.
WordPress Pro: Marketing Center
WordPress Pro accounts will provide customers with advanced features and functionality, including the Marketing Center
Core Files Warning In WordPress Tools
This article will explain why you see "Your WordPress site appears to be infected with malware. Please update to remedy this problem."
Logging in and Using WordPress: Preventing Spam
Prevent Spam These steps will help you prevent users and robots from posting Spam on your WordPress blog. Inside the WordPress Dashboard, select Settings in the navigation bar on the left. From the G