The original infections we’ve seen are malicious Flash files and PDFs. Since Adobe Acrobat has had a few vulnerabilities, the cybercriminals have been having a field day infecting websites to deliver infectious PDFs and SWFs, then parlaying that into more website infections knowing that many people have their own website and use FTP to update it.

We recommend a few things.

1. Disable Javascript in Adobe Acrobat. You don’t need it and with it disabled you eliminate numerous possibilities for infection.

2. If you own a website, don’t use FTP. FTP transmits all data including username and password in plain text. Ask your hosting provider if you can use either FTPS or SFTP. These protocols transmit in an encrypted format making much more difficult to sniff.

3. Use a combination of AVG and Malwarebytes to scan and clean your PC.

4. Monitor your website for any changes. Check the code frequently to see if anything has changed. If it has, see if it’s something potentially malicious and remove it.

5. Set up a non-administrator account on your PC. Only use the administrator account when you need to install software or drivers. If the currently logged in user can’t install software, neither can a virus.

If you site gets “hacked” go to http://www.badwarebusters.org and ask for help. It’s a free forum.

Hope you found this information more valuable than what you paid for it.