Blog Search
Like Box
Comments
- The WPCandy Podcast #32: "Uncle Ben's plugin list" | WPCandy on Official WordPress Plugin Directory – Forcing Plugin Updates
- Is your website clean? | Life Currents on Links Injection on WordPress – Blackhat SEO Spam (basicpills) update
- Technology News on Blog Comments – Analysing 100,000 Comments and Spammers
- user on Removing Malware from a WordPress blog – Case Study
- Brand Development on Walmart web site hacked and hosting spam
Tags
alexa apache ask awareness backdoors blacklist blacklisted bluehost data dns education fox godaddy google guides hacked history honeypot htaccess iis joomla logs malware malware_updates netsol openx oscommerce ossec passwords pharma phishing php plugin scan security spam stats sucuri twitter updates vbulletin virus vulnerability walmart wordpressArchives
- May 2012 (7)
- April 2012 (15)
- March 2012 (12)
- February 2012 (6)
- January 2012 (6)
- December 2011 (4)
- November 2011 (4)
- October 2011 (7)
- September 2011 (8)
- August 2011 (16)
- July 2011 (5)
- June 2011 (10)
- May 2011 (10)
- April 2011 (15)
- March 2011 (18)
- February 2011 (13)
- January 2011 (7)
- December 2010 (7)
- November 2010 (9)
- October 2010 (12)
- September 2010 (10)
- August 2010 (7)
- July 2010 (10)
- June 2010 (15)
- May 2010 (19)
- April 2010 (16)
- March 2010 (15)
- February 2010 (8)
- January 2010 (7)
- December 2009 (4)
- November 2009 (1)
- October 2009 (2)
- September 2009 (1)
- August 2009 (6)
- July 2009 (11)
- June 2009 (7)
- May 2009 (4)
- April 2009 (1)
Monthly Archives: October 2010
Attacks on GoDaddy sites – insomniaboldinfoorg.com
UPDATE: As of 4AM Pacific, on November 3rd, we’ve received various reports of another related outbreak of exploited sites on GoDaddy. We’re currently researching the issue and will provide updated scripts if necessary. Please comment below if you have been … Read more
Posted in godaddy, hacked, malware, malware_updates
Tagged godaddy, hacked, malware, malware_updates
39 Comments
Hilary Kneber at it again: voip.dialistico.net
The Hilary Kneber group is at it again. We are now tracking their usage of voip.dialistico.net to push malware to quite a few sites. If you don’t know about them, just take a look at our blog history. Most of … Read more
Malware update: ssl-verification.net
Quick malware update: The site ssl-verification.net (nice name) is being used to distribute SEO spam and malware (the famous fake AV). We recently wrote about the domain ssl-validation, but it seems that they disabled it and are using ssl-verification instead … Read more
More attacks – Hilary Kneber and insomniaboldinfocom.com
For the last couple of days, we’ve been seeing a good number of sites hacked with a familiar pattern. All of them have a javascript loading malware (the famous fake AV) from: http://insomniaboldinfocom.com/mm.php http://insomniaboldinfonet.com/mm.php http://www3.large-defense1.in This is very similar to … Read more
NASA web site hacked and serving malware/spam
Some sites under NASA’s Jet Propulsion lab ( http://jpl.nasa.gov/ ) have been hacked and are being used on the infamous blackhat SEO Spam network. Not only that, but they are also serving malware to unsuspicious users. The sites in question … Read more
Kaspersky site hacked and redirecting users to fake AV
If you tried to download and/or visit Kaspersky’s web site yesterday, please check if your computer didn’t get infected. Their web site was hacked and their download pages were redirecting users to a fake AV (malware) page. The malware was … Read more
Rail Europe trying to sell me Amoxicillin – Pharma hack
I was looking to buy some Amoxicillin online today and didn’t want to get a prescription. So I went to Google and searched for it. Interesting enough, Rail Europe ( http://blog.raileurope.com ) was the first result. Ok, so I’m kidding, … Read more
osCommerce attacks – kirm-sky.ru
We are seeing a very large number of osCommerce sites hacked on the last few days. If you are an osCommerce user, make sure to update it asap and check if to see if it’s been infected (also remove the … Read more
Posted in blacklisted, hacked, malware, oscommerce
Tagged blacklisted, hacked, malware, oscommerce
4 Comments
More attacks – Hilary Kneber and meqashoppecom – Part II
A few days ago we reported a large scale attack affecting WordPress sites at hosted on 123-reg servers. They were using the domains meqashopperinfo.com and meqashopperonline.ccom to spread the malware. You can read more about it here. Today, we’re seeing … Read more
EA.com – Please protect your forum or shut it down
A note to EA.com: Please protect your forums or shut it down. Not only are more than half of the posts (http://forum.ea.com) serving SPAM, they are also being used to affect other web sites. More often than not, when a … Read more
