Malware Detection Scanning Services

THOUSANDS OF WEB SITES, INCLUDING THOSE OF LARGER WELL-ESTABLISHED COMPANIES, ARE INFECTED WITH MALWARE EVERY DAY. MALWARE CAN DISRUPT THE NORMAL OPERATIONS OF AN ORGANIZATION’S WEB SITE AND PROBABLY INFECT THE WEB SITE'S USERS AS WELL.

Malware Detection Scan (MDS) proactively scans an organization's web sites for malware and provides automated alerts and in-depth reporting to enable prompt identification of malware and provision of immediate resolution. MDS enables customers to protect their web sites and applications from malicious infections, preventing web site blacklisting and brand reputation damage.

  • Service Objective
    The objectives of the MDS service are:

    Scan customer web sites and check for suspicious scripts, malicious media and other web security threats hidden inside legitimate content and located on their web sites. Protect web sites from malware infections and safeguard customer brand reputations.

  • Scope of Service
    The MDS can cover the main external and internal web sites and their sub-domains. The scope of the MDS service includes the following:
    • Web site analysis for vulnerable and/or erroneous code.
    • Monitoring malicious activity upon request from customer.
    • On-demand scans for quick review after malware removal.
    • Detailed report on malicious content and malicious web pages.
    • Provision of recommendations for malware removal.
 
  • Process of Malware Detection Scan
    MDS supports regularly scheduled scanning to monitor web sites on an ongoing basis, with an email alert feature to quickly notify organizations when infections are discovered. The MDS process consists of the following steps:
  • Step 1: Scope Validation

    The Cloud4C team will validate the scope of the target list provided by the customer. This is a safety measure to ensure the accuracy of subsequent findings and will include the following activities:

    • Ping sweeps and route tracing.
    • Searches for sub-domains of the web site.
    • Checks for accessibility of the web site.
  • Step 2: Perform Malware Scan

    MDS will intelligently crawl the customer web site and identify all possible infections and backdoors on the web site. The Cloud4C team will perform MDS on the given web sites and check for the following malware types:

    • MySQL and JavaScript injections.
    • Web site defacements.
    • Hidden I-Frames.
    • PHP mailers.
    • Phishing page detection.
    • Web site backdoors.
    • Web site anomalies.
    • Drive-by-downloads.
    • Cross-site scripting.
    • Rogue processes being started.
    • Document writes with obfuscation.
    • Web bugs.
  • Step 3: Analysis of Scan Results

    The Cloud4C team will evaluate, analyze, and categorize MDS findings based on impact and severity.

  • Step 4: Recommendations & Reporting

    Recommendations based on the malware type and web site will be suggested. A detailed report of all malware infections per web site, with recommendations, will be provided.

  • Prerequisites
    To ensure successful and smooth execution of MDS service, certain information and preparation need to be in place:

     

  • External Malware Detection Scan (MDS):
    The IP addresses of the internet-facing web sites to be included in the scope of the MDS service, along with the test user credentials required to log on to the web site. The test user credentials are used to scan the web site from an authenticated user’s point of view.
  • Internal Malware Detection Scan (MDS):
    We need a Virtual Machine (VM) to install our security toolkit. The VM should have the following:
    • Hardware requirements:
      8 GB RAM, 250 GB Hard Drive space, 4 core processor.
    • Privilege:
      Local administrator privileges on the VM.
    • Network access:
      The VM should be placed in the internal network and assigned an internal IP address. In addition, the VM should be accessible from the internet by the Cloud4C team through VPN or remote desktop protocol to facilitate remote management and execution of the service. The VM should have access to the target internal web site.
  • Credentials
    Test credentials to log on to the web site to perform the deep-level scans.
 
  • Deliverables

    Upon completion of the MDS service, a detailed report will be sent to the client, including the following:

    • Executive Summary:
      Summary of the purpose of this assessment, as well as a brief explanation of the threats that the organization is exposed to from a business perspective.
    • Findings:
      A detailed, technical explanation of the findings of the assessment along with steps and proofs of the findings.
    • Conclusion & Recommendations:
      This section provides final recommendations and a summary of the issues found during the security assessment.
  • Service delivery time

    The MDS service on about 5 Web Applications can be completed in two business days.