1. bluehost knowledge base

Social PNG Hack

Overview

The Social PNG hack is a method used to alter a website's behavior or content. A hacker may make a file containing malicious code and format the file to appear as an image. The image will follow the png format and will often be called social.png. This is done so that it appears to be a common and harmless file that any website might have normally.



How You Get It

There are many ways the file could have been placed on your website, too many in fact to cover all of them. The most likely is that it came from a plugin or theme that you installed on your site which included the malicious file. Often you would have no idea you were uploading an infected file to your site as the hacker would make the plugin look as legitimate as possible.
 

What it Does

Once the file is on your site, the hacker can control your site and manipulate it in any number of ways. You may not notice anything at all or you may see any of the following:

  • Your site starts redirecting to another site
  • Links to another site start appearing on your site
  • Unwanted advertisements may appear on your site
  • Search engines and browsers may start warning that your site is dangerous
  • Your site may simply break and show a white page or an error message.

There are other ways it may manifest itself or it may not manifest itself at all and instead work quietly behind the scenes just gathering data and using your processing power.
 

What to do if You Have It

If you aren't sure how to identify compromised files or correct them, consider a professional malware cleaning service like SiteLock clean the site for you.

If you are a developer or very familiar with the website, consider the following courses of action.

  • Identify the infected social file and remove it, identify any other files that have been changed and make corrections as necessary.
  • If you know when the file was placed on your site, replace your website with a clean copy from a backup taken prior to the infection.
  • Have a professional malware service like SiteLock: Security for Small Businesses clean the site for you.