Website Security News
Readers of this blog should already be familiar with SocGholish: a widespread, years-long malware campaign aimed at pushing fake browser updates to unsuspecting web users. Once installed, fake browser updates infect the victim’s computer with various types of malware including remote access trojans (RATs). SocGholish…
Read More about New SocGholish Malware Variant Uses Zip Compression & Evasive Techniques
Since September 2022, our research team has tracked a surge in WordPress malware redirecting website visitors to fake Q&A sites via ois[.]is. These malicious redirects appear to be designed to…
Read More about Massive ois[.]is Black Hat Redirect Malware Campaign
Malware authors, with some notable exceptions, tend to design their malicious code to hide from sight. The techniques they use help their malware stay on the victim’s website for as…
Read More about Wordfence Evasion Malware Conceals Backdoors
When attackers shift up their campaigns, change their payload or exfiltration domains, and put some extra effort into hiding their malware it’s usually a telltale sign that they are making…
Read More about New Malware Variants Serve Bogus CloudFlare DDoS Captcha
Magento store owners using the popular FishPig extensions should be wary of a recent supply chain attack which compromised their software repository. FishPig released a detailed security announcement on September…
Read More about Magento Supply Chain Attack Targets Extension Developer FishPig
Since 2020 considerable attention has been spent analysing the emergence of MageCart malware within WordPress environments which most commonly affects sites using WooCommerce. As demonstrated in a previous post WordPress…
Read More about Examining Less-Common WordPress Credit Card Skimmers
It’s not uncommon for users to experience “DDoS Protection” pages when casually browsing the web. These DDoS protection pages are typically associated with browser checks performed by WAF/CDN services which…
Read More about Fake DDoS Pages On WordPress Sites Lead to Drive-By-Downloads
Our story starts like many others told on this blog: A new client came to us with reported cases of credit card theft on their eCommerce website. The website owner…
Read More about WooCommerce Credit Card Skimmer Uses Telegram Bot to Exfiltrate Stolen Data
WordPress’ massive market share has come with an unsurprising side effect: As more and more site admins turn to popular plugins like WooCommerce to turn a profit on their website…
Read More about Smilodon Credit Card Skimming Malware Shifts to WordPress
In today’s post we’re going to be going over the top ten most cumbersome website infections to remove, based on the sheer number of files or database entries that they…
Read More about Top Ten Most Cumbersome Website Infections to Remove in 2021
Editorial: This post was last updated October 13th, 2022. Next up in our “This didn’t quite make it into the 2021 Threat Report, but is still really cool” series: New…
Read More about Examining Emerging Malware: Website Backdoors
![Massive ois[.]is Black Hat Redirect Malware Campaign Targets WordPress Sites](https://blog.sucuri.net/wp-content/uploads/2022/11/BlogPost_Feature-Image_1490x700_PHP-Login-Stealer-585x275.png)
