-
Services
-
Cybersecurity Consulting
Systematic exploration of a scenario to assess and prescribe solutions.
-
Ransomware Protection
Building up resilience and stratification to mitigate malicious attacks.
-
Risk Management
Thorough investigation of a scenario to assess threats and plan actions to address them.
-
Incident Response
Managing the mitigation of damages and assisting in repair in worst case scenarios.
-
Vulnerability Remediation
Properly and cautiously scanning, confirming and resolving found issues.
-
Managed Security Services
Delivering full-time consulting, monitoring, scanning, repair, incident response and more.
-
Penetration Testing
Proactively probing and stressing systems to find deeper vulnerabilities
-
Systems Hardening
Step by step assessing and improving configurations in devices, networks and systems
-
Advanced Web Applications
Feature rich development of custom programs delivering rich functionality.
-
Mobile Apps & Games
Custom apps using modern platforms for iOS, Android or using Progressive Web Apps
-
E-Commerce
High performance online marketplaces converting to sales and profits.
-
Outsourced Development
Utilize our team as an extension of your own as an in-house internal expansion
-
Corporate Websites
Professional presentations that display companies' strengths in style.
-
Custom Software
Not just for the web - applications for beyond the browser and on to desktops and devices
-
Custom CMS Systems
Based on our SD7 Hypersecure CMS delivering performance, security and ease of use.
-
Video Production
Pre and Post Production video planning, editing, special effects, voiceover and more.
-
3D Animation
Make digital objects come alive with objects made to move and react in space.
-
Virtual Reality
Immersive experiences in three dimensional space to amaze users and engage them like never before.
-
Search Engine Optimization
Achieving top ranking results for our clients over many years in all search engines in China and globally.
-
Marketing Materials Design
From brochures, logos, banners, advertisements and more we design it all for the web.
-
Print and Offline Media
Billboards, shirts, products, vehicle wraps, pop up banners and stands, interior shop designs etc.
-
Incident Response for Malware Attack via qTranslate
Thorough Malware Containment and Remediation
SEIRIM deployed a thourough and rapid incident response process for our client to identify, contain, eradicate and recover from a powerful and persistent malware infestation caused by unpatched vulnerabilities in their website's language translation program.
Due to extenuating factors, the process had unfortunate complexities, but provided valuable lessons learned and in the end full recovery was achieved.
Objectives
Identify the Vulnerability and Malware Infection
Our first step was to perform a thorough assessment of the client’s WordPress website. Through our vulnerability scan, we identified that the outdated qTranslate plugin was the primary source of a security vulnerability, allowing malware to infiltrate the site. We detected malicious code hidden in the plugin files, which had given cybercriminals unauthorized access to the website.
Remove the Vulnerable qTranslate Plugin
After confirming the vulnerability, we immediately removed the qTranslate plugin from the website. This action was necessary to eliminate the opening that had been exploited by the attackers. During the removal process, we also ensured that any associated files or configurations left behind by the plugin were fully cleaned to prevent future exploitation.
Clean the Malware and Restore Website Integrity
Once the plugin was removed, we carried out an in-depth malware cleaning process. We scanned the entire website for hidden malicious code and backdoors that had been introduced through the plugin. Any traces of the infection were fully eradicated with a complete wipe of the server, and a restoration of the website from a backup plus rebuild to a newly more secure state to ensure no malware remained in the system.
Update and Patch WordPress and Other Plugins
To prevent further security issues, we ensured that the client’s WordPress installation and all remaining plugins were up to date. We patched any outdated software to close security loopholes and eliminate the risk of similar vulnerabilities arising in the future. This included updating both core WordPress files and non-vulnerable plugins, ensuring the site was equipped with the latest security enhancements.
Install a Secure and Compatible Translation Plugin
As part of the remediation process, we installed a more secure, compatible translation plugin to replace qTranslate. We selected a well-supported and frequently updated plugin, Polylang Pro, that met the client’s multilingual needs without compromising website security. This new plugin was thoroughly tested to ensure it wouldn’t introduce vulnerabilities or conflicts into the site.
Implement Continuous Monitoring and Security Hardening
To ensure the ongoing protection of the client’s website, we implemented continuous monitoring and security hardening measures. This included setting up a web application firewall (WAF) from Imunify360 to block malicious traffic, monitoring for suspicious activity, and configuring automated vulnerability scans. We also provided the client with guidance on best practices for maintaining site security and staying vigilant against future threats.
The Results
Quick Action and More Vigilance Going Forward
WordPress plugins can present significant vulnerabilities if they are not regularly updated or properly managed.
As part of our remediation efforts, we implemented essential updates and patches to both the WordPress core and the remaining plugins. This was done not only to eliminate the immediate vulnerabilities but also to ensure that the site was protected against future exploits. Updating software and keeping systems current is a basic yet often overlooked security measure. It was clear from this case that security is an ongoing process, and regular patching and updating are key to preventing similar vulnerabilities.