Ben Martin

About Ben Martin

Ben Martin is Sucuri’s Security Analyst who joined the company in 2013. Ben's main responsibilities include finding new undetected malware, identifying trends in the website security world, and, of course, cleaning websites. His professional experience covers more than six years of working with infected websites, writing blog posts, and taking escalated tickets. When Ben isn't slaying malware, you might find him editing audio, producing music, playing video games, or cuddling with his cat. Connect with him on Twitter

April 14, 2021Ben Martin

WordPress Continues to Fall Victim to Carding Attacks

Unsurprisingly, as WordPress continues to increase in popularity as an e-commerce platform, attackers continue to attempt to steal credit card information from unsuspecting clients. Currently, the WordPress plugin WooCommerce accounts for roughly a quarter of all online stores. Over recent years, attackers whose goal it is to fradulently obtain credit card information have mostly focused on…

January 5, 2021Ben Martin

Bogus CSS Injection Leads to Stolen Credit Card Details

A client recently reported their customers were receiving antivirus warnings when trying to access and purchase products from a Magento ecommerce website. This is almost always a telltale sign that…

July 27, 2020Ben Martin

Reverse String WooCommerce WordPress Credit Card Swiper

As 2020 continues to be the worst year in almost anybody’s lifetime, allow me to take this opportunity to stoke the fires of your existential dread even further. As a…

April 9, 2020Ben Martin

Analysis of a WordPress Credit Card Swiper

While working on a recent case, I found something on a WordPress website that is not as common as on Magento environments: A credit card swiper injection. Typically this type…

August 1, 2019Ben Martin

Neapolitan Backdoor Injection

Most of us are familiar with Neapolitan ice cream: a flavour whose distinguishing characteristic is not one single flavour but several. Many also know it as the ice cream which…

April 26, 2019Ben Martin

Typo 3 Spam Infection

Here at Sucuri most of the malware that we deal with is on CMS platforms like: WordPress, Joomla, Drupal, Magento, and others. But every now and then we come across…

Fear, Uncertainty, and Doubt

There’s a term for the practice of scaring potential customers into purchasing products or services they don’t need: FUD; fear, uncertainty, and doubt. This practice is widespread in the computer/IT…

December 21, 2017Ben Martin

Reverse Javascript Injection Redirects to Support Scam on WordPress

Over the last few weeks, we’ve noticed a JavaScript injection in a number of WordPress databases, and we recently wrote about them in a Sucuri Labs Note. The campaign attempts…

August 8, 2017Ben Martin

PHP Script Nukes All Website Files

Most malware and spam that we come across has some sort of discernable purpose to it, usually something which benefits the attackers financially. This is often related to spam campaigns,…

February 23, 2017Ben Martin

When malware injection goes wrong

Today while scanning a client’s website, I found a failed attempt by attackers to hide the location of a backdoor. It is very common for us to find backdoor uploaders…

October 17, 2016Ben Martin

Magento Credit Card Swiper Exports to Image

Over the past year we have seen a rash of credit card swipers in Magento and other ecommerce-based websites. In fact, we have been finding new variants nearly every week….