Why do websites get hacked?

A Data Center
Why is my website interesting for hackers at all?

I only have a small website with a few users. Why am I even interesting to hackers?

Long gone are the days when websites were hacked simply for fun, to place an “ash” message, or to wantonly destroy website data. Meanwhile, there is more illegal money to be made in cybercrime than in drug trafficking.

Large companies are often attacked specifically by very skilled hackers. to obtain data (personal data, bank data, product data, company internal data).

For the mass of normal hackers, it is not so much the large companies that are targeted; these often have good IT departments and security precautions and are much harder to attack. Therefore, in anonymous mass attacks, it is mainly small websites that are affected, predominantly those with such popular installed programs as WordPress. Here, the security precautions are usually lower, the operators more inexperienced, the software is not up-to-date – and many website operators do not even notice a hostile takeover. Until they suddenly realize that web browsers are triggering alerts or Google has banned the page from the index with a “hacked” warning and therefore you are suddenly “invisible” to the world.

Spying on data is then also not the primary goal. Therefore, your website is also a potential target, no matter how many users it has, what kind of content it shows and what kind of data it manages.

What is a hacked website useful for a hacker?

  • to secretly install software for illegal so-called “bot networks”. This network is rented out by hackers for all sorts of illegal purposes, for example, remote attacks on other websites (DDOS attacks);
  • to encrypt the website and release it again for a ransom (ransomware) – stupid if you don’t have a backup then;
  • for “Black Hat SEO” by placing dubious links to other websites (and renting such links) in order to increase the reputation of the target pages in Google;
  • it also illegally diverts server processing power to lucrative BitCoin mining systems;
  • illegal data (e.g. porn) is cached;
  • the server is misused for sending mass mails (spam),
  • fictitious target pages are created in connection with “phishing e-mails” in order to capture data from e-mail users;
  • websites are sometimes used for political purposes (defacements) by placing messages there;
  • and, and…


In addition, backdoors (secret access points, often in the form of a hidden administrator account) are usually created, allowing a hacker to remotely install new malware if the previously installed software is discovered or another is needed.


If a site has been hacked, the website operator should act very quickly, for example due to legal requirements (e. g. B. GDPR, KRITIS) or existing contracts with providers, or simply because Google places a warning notice on the website or throws it out of the index immediately.

In addition, it will happen that the own page is not displayed in browsers or only with a warning notice and Google does not show the website in the search results at first.

DISCLAIMER: The TBA-Berlin is not a law firm. The content provided here is for general information purposes only and does not constitute legal advice. We recommend that you seek independent legal advice before taking or refraining from taking any action based on the content provided here.

TBA-Berlin makes no representations or warranties, express or implied, as to the accuracy, adequacy, validity, reliability, availability or completeness of the information referenced herein. Your use or reliance on any information contained herein is for your personal use and solely at your own risk.

More news

Email account hacked? What is to be done?

Do you suspect that your email account has been accessed and used by strangers?
For example, are there suspicious emails on the email account that have nothing to do with you, mails in the outbox folder, suspicious replies to mysterious emails?
We give you tips on what to do then. Our customers are also welcome to contact us. We are at your side with advice and support.

Continue reading »

Secure passwords

Password management software helpsPasswords have to be longer and longer to be of any use due to technological advancements. A password management program helps to keep track.

Continue reading »