While looking at a potential new customer’s website recently we found it had been infected with malicious software that causes any visitor’s computer to use up to 50% of its processing power to mine cryptocurrency unknowingly. This organization shares a hosting plan with another organization and both of their websites had the same malicious code.
Both sites are running on an older version of the Drupal Content Management System. Security updates had not been applied in quite some time and it is likely that the malware was placed on the sites through a known vulnerability.
We build websites on WordPress but this kind of risk isn’t unique to any one kind of Content Management System. WordPress, Drupal, Joomla and any other CMS are at risk if not maintained. We have gained new customers by cleaning up their infected websites. We much prefer to gain new customers by creating new value for them.
Have you checked your website lately to see if it needs updates? We recommend checking weekly. When an update is available for the CMS, theme or any plugin, do a backup of the database and files then apply the update and test the site. If this is beyond your skills or available time, hire someone to take care of it for you. Your organization’s reputation is too important to leave unprotected.