Website Malware Removal
WordPress and Joomla support on demand
Has it affected you too? Angry visitors are warning you about a virus alert on your website. In more obvious cases, the homepage has been completely defaced, foreign hacker messages appear on the screen, or visitors are redirected to dubious websites.
You can assume that a virus or malware is now spreading through your webspace.
It often does not take long before Google itself and web browsers that rely on the Safe Browsing API warn potential visitors about your hacked website. Once Google knows, visitor numbers quickly plummet. Urgent action is required!
With many shared hosting providers, security is moving more and more into focus. It is therefore not uncommon for damage-limiting shutdowns to occur, which are only lifted after cleanup and preventative measures have been completed.
Our services
- Error analysis & debugging
- Security hardening
- Spam protection
- Updates & migrations
- CSS, JavaScript & PHP
- Customizations
- Speed optimization
- Server migrations
- Statistics (Analytics & Matomo)
- Elementor
- Gutenberg
- Avada
- Divi
- WPBakery
- YOOtheme
- JoomShaper
- Forms
- Plugin consulting
- WooCommerce
- Appointment booking systems
- Newsletter
- Google Business Profiles
- Logo vectorization
- Plesk
- GDPR & cookie management
- Nextcloud
Current Joomla Hacks: JCE, Astroid, Novarain & SP Page Builder
Several critical security vulnerabilities in widely used Joomla extensions and templates are currently being actively exploited - resulting in backdoors, SEO spam, and redirects. The main affected ones at present are:
- JCE Editor - vulnerability before version 2.9.99.5 (Learn more →)
- Astroid Framework - CVE-2026-21628, versions 2.0.0 to 3.3.10 (Learn more →)
- Novarain / Tassos Framework (Learn more →)
- SP Page Builder - vulnerability before version 6.6.2 (Learn more →)
An update alone closes the specific vulnerability, but it does not remove any backdoors already introduced or hidden SEO spam. We handle the complete cleanup and securing of affected Joomla websites.
About - the origin of Website-Bereinigung.de
It all began in 2012 with the infection of around 40 of our own managed websites by a trojan that targeted FileZilla FTP data. Over the years, we have now successfully carried out more than 3,000 cleanups (as of 2026) and, as a service provider in the fight against malware, have been able to gather a great deal of experience.
We want to use this knowledge to help free you quickly and easily from this difficult situation in an emergency case as well.
Of course, it is not enough to simply restore all files to their original state. To avoid being hacked again just a few days later, the cause must be found.
On the one hand, viruses, malware & co. can be injected directly into the files through insecure passwords or stolen FTP data; on the other hand, outdated CMS and shop systems pose a major security risk. In these cases, it is a classic hack - the exploitation of security vulnerabilities. The best-known CMS platforms such as Joomla, WordPress, TYPO3 or Drupal are particularly frequent targets. Leading shop systems such as Magento, OXID and xt-Commerce, including their forks, are likewise not spared.
When it comes to security, updates are the best preventive measure.
