I get a lot of querys from website owners asking if I would be willing to clean the malware from their sites for a fee. I do not do any fee-for-service work, my activities are limited to trying to assist site owners on Google's Webmaster Tools Help Forum or Stopbadware's Forum. I always encourage site owners to post on one of those forums first, there are a lot of volunteers who are quick to provide assistance/advice on how to find and clean malware problems on a site.
Last week I had a fairly long exchange with a site owner seeking a vendor to clean his site which has prompted this post. The questions from the site owner come up frequently -- Why don't you do commercial work? What do you think about the idea of using one of the vendors? Are they reliable? Do you recommend any of the vendors?
First I am actually somewhat surprised that more site owners do not turn to one of the commercial vendors, particularly if they have a commercial or monetized sites. In many cases a hacked site becomes very emotional for the site owner and it shouldn't it is not personal. The decision to use a vendor should be like any other business decision, How much is the service going to cost versus how much revenue are you going to lose if the site remains hacked?
It should not be a question of "Do we have the in-house expertise to clean up the hack?, it should be a question of which will cost us more, use in-house resources, or out source the task.
really-profitable-website.com gets hacked and has a staff of 3 cracker jack developers. The site owner goes to them and explains that the site has been hit with a pharma hack and asks "How long will it take you to clean things up?" Developer John says "that is not too bad, it will take me 4 hours to clean it up". The site owner does the math, with salary and benefits John is costing him $50 dollars an hour, so about $200. Also assuming John is gainfully employed, what is it he will not be doing while he is cleaning up the site? Which course of action, in-house or out-source makes the best business sense?
As long as that malware warning is popping up you are going to lose traffic and revenue and loss of traffic and revenue is going continue for some weeks/months after the warning is removed. If you are not able to get the site cleaned up and the warnings removed in a timely manner from a business standpoint it makes sense to turn to a vendor.
For a "hobby" (non-revenue) site the decision might be more difficult. In some cases the site owner may not have the technical expertise to clean the site but more often they may just not want to fool with it. In one exchange with a site owner he came up with a great analogy.
You know you come home after putting in 10-12 hours at your 9 to 5 and all you are thinking about is opening a cold beer, propping your feet up and putting the game on. You walk in the door and the first thing you see is the dog has crapped in the middle of the living room floor. Now sure you could clean it up yourself but, there are plenty of days when, If you could, you would be happy to send an Email and by the time you got your beer open and the TV on the mess would be gone!
If you are running a hobby site you should also ask yourself questions like -- How much is my time worth?? or Is this the best use of my time??
Another factor to consider is that cleaning up the malware and getting the warning removed is just the tip of the iceberg so to speak. The majority of the hacks I have seen in the last year have included what is called a "backdoor". The hackers will leave a file or maybe a bit of code in one of the sites legitimate files that will allow them to access the site again and place their malware back on the site. Finding the backdoor, if present, can prove much more difficult then cleaning up the malicious content. The malware vendors have the experience and expertise to find and remove backdoors left on the site.
Many of the malware removal vendors can also help you with "hardening" your site against future malware attacks, once hacked is one time too many. For a commercial site a 2nd malware warning can destroy your sites reputation/credibility forever.
Unfortunately, like anything on the Internet you need to approach hiring a malware removal vendor with bit of caution. I see posts on the forum, all too often, Hey I hired a specialist to clean my site, paid $200 via paypal and 2 weeks later my site is still flagged and I can not get in touch with the specialist. What do I do now? Before you pay do some research.
If you go the vendor route you should be prepared when you contact the vendor. Provide as much information as you can about what is happening on your site. Has Google flagged the site? and/or Are you getting malware warnings when you visit the site? Is it a malware hack, a spam hack or a phishing hack? Where do you host your site? Provide the URL for your login and your login ID and password, they are going to have to access your site to clean it up.
I want to make it clear that I have absolutely no association with any of these vendors. I have never used any of these vendors so can not make any sort of recommendation for one over the other. I also have no information on the fees they charge. I have developed this list of vendors based on their participation on Google's and Stopbadware's forum. These are vendors who consistently receive good feedback from site owners who post back on various help forums.
Website Malware Removal
Jim Walker, The Hack Repair Guy
I sincerely hope you are never greeted with the dreaded malware warning screen when you open your site but if you are and are not able to resolve the issue without assistance --
First go to one of the help forums and ask for assistance (there is a real good chance 1 or more of the vendors listed above will assist you for free!)
If you are not able to get the issue resolved in a timely manner check out the vendor websites and contact a couple, Inquire about fees, how long it will take, etc.