The scary reality is that if a website's security has been compromised by a careful, talented and well-equipped hacker, no one will ever know that the site has been hacked. However, most attackers are not well equipped, at least not in our sense. They use pre-built, paid exploit packages designed to be used by anyone, regardless of their technological talent - and like any user, hackers make mistakes.
Detecting high-quality, state-sponsored hacker attacks will therefore remain fairly fruitless for the average Internet user. Fortunately, military hacker groups probably have no interest in infecting our computers either. But there are a whole bunch of people who are interested in just that. But as I said before, they're just Internet users like you and me - they make mistakes and don't have infinite financial resources.
We still need to protect ourselves from these hackers. Here is a list of signs you should watch out for:
Browser warnings
Browser warnings are the first sure indication that the security of a web page has been compromised. Google is very active in scanning the web for safe sites and blacklists malicious websites, victim of hacker attacks and compromised. Occasionally, you will see a warning such as "Warning: visiting this site could harm your computer" when you try to open a site. According to Google, the false positive rate of these warnings is incredibly low, so such a warning is a pretty sure sign that something is wrong with the page you are viewing.
Some modern antivirus software also has a built-in website checker. In the case of Kaspersky software, this is the Kaspersky URL Advisor, which is installed as a browser extension and informs the user about the safety of links and websites.
Stealth downloads
If you open a web page and notice that it immediately starts a download on your computer, you can be sure that something malicious is going on. As journalist Brian Krebs says, "If you didn't look for it, don't install it! The same should be true for all download links on the Internet, because if you haven't authorized a download yourself, nothing good will come of it. When websites automatically perform downloads, they are probably compromised.
Redirect links
If you are familiar with the website you open and notice that it suddenly contains highly promotional or random content and links that lead to other unrelated pages, this is also an indication that the page has been hacked.
We also talked to friends about StopBadware, a non-profit anti-malware organization that aims to make the web safer by blocking attacks in advance and cleaning up malware-infected sites. It was informed that search engine results can sometimes expose hacked pages before the user accesses them. For example, if you search for a page in a search engine and the results of said search bring up all sorts of strange advertisements for branded watches or cheap drugs, but they still lead to the web page you entered, the site's security probably has some flaws.
StopBadware also warns about strange redirects: "An indication that a page has been compromised is given when it links to a foreign website, but only if you access it via a search engine. This indicates a hacked .htaccess file, a very common procedure that often goes undetected by website operators, as they usually don't access their own pages via search engines such as Google, Bing or Baidu. To make matters worse, these redirect links (HTML, PHP or Javascript) are sometimes found on pages other than the home page, making them even harder to detect if the site operator doesn't know what to look for."
In the same category
