How to submit malicious code to Yandex specialists for analysis

The Yandex Safe Search service not only warns users of infected pages, but also helps webmasters find malicious code on infected websites, remove it, and share their experience with other webmasters.

The more examples (samples) of malicious code we have that operate on the web server side, the more information we have for helping webmasters.

If you found malicious or just suspicious code on your website, send it to us at Your email should include, if possible:

  • The CMS version installed on the site.

  • The name of the script or database table where the code was found.

Malicious code is most often located in:

  • infected CMS scripts or templates, or in advertising network blocks.

  • database tables.

  • the .htaccess file on the web server.

  • a separate file (this may be a script or a binary file), which starts to change the contents of CMS scripts when it is run on the server.

For more information on how to remove malicious code on the server side, see this page.

Besides server malware, we are also interested in malware that ends up on a user's computer.

To prevent antivirus filters on mail servers from deleting samples of malicious code from emails, package them as a password-protected archive before sending. You can include the password for us in the same email.