Ben Martin

102 posts

Ben Martin is a security analyst and researcher who joined the company in 2013. Ben's main responsibilities include finding new undetected malware, identifying trends in the website security world, and, of course, cleaning websites. His professional experience covers more than a decade of working with infected websites of every variety with a special focus on eCommerce / credit card theft malware. When Ben isn't slaying malware you might find him producing music, gardening, or skateboarding around Victoria.

Critical Vulnerabilities in All in One SEO Plugin Affects Millions of WordPress Websites

Ben Martin
December 21, 2021

Security Risk: High Exploitation Level: Easy CVSS Score: 9.9 / 7.7 Vulnerability: Privilege Escalation, SQL Injection Patched Version: 4.1.5.3 Last week, security researcher at Automattic…

Read the Post

What is the Log4j Vulnerability?

Ben Martin
December 14, 2021

Editorial: This post was last updated October 17th, 2022. What is the Log4j vulnerability? Originally found on the popular game Minecraft, this critical server security…

Read the Post

WooCommerce Credit Card Swiper Injected Into Random Plugin Files

Ben Martin
December 6, 2021

It’s that time of year again! While website owners always need to be on guard, the holidays season is when online scams and credit card…

Read the Post

An Overview of Website Reinfection Vectors

Ben Martin
November 19, 2021

The website security landscape is as complicated as it is treacherous. We often deal with clients who become reinfected over and over again. Once the…

Read the Post

Website Security

Fake Ransomware Infection Spooks Website Owners

Ben Martin
November 15, 2021

Starting this past Friday we have seen a number of websites showing a fake ransomware infection. Google search results for “FOR RESTORE SEND 0.1 BITCOIN”…

Read the Post

Online Credit Card Theft - A Brief Overview of Online Fraud and Abuse

WooCommerce Skimmer Spoofs Checkout Page

Ben Martin
November 8, 2021

Recently a client of ours was reporting a bogus checkout page appearing on their website. When trying to access their “my-account” page an unfamiliar prompt…

Read the Post

WordPress Redirect Hack via Test0.com/Default7.com

Multistage WordPress Redirect Kit

Ben Martin
September 8, 2021

Recently, one of our analysts @kpetku came across a series of semi-randomised malware injections in multiple WordPress environments. Typical of spam redirect infections, the malware…

Read the Post

Analysis of a Phishing Kit (that targets Chase Bank)

Ben Martin
September 1, 2021

Most of us are already familiar with phishing: A common type of internet scam where unsuspecting victims are conned into entering their real login credentials…

Read the Post

Website Security

A Short History of Essay Spam (How We Got from Pills to Plagiarism)

Ben Martin
August 18, 2021

From answering beginner questions like ‘What is SEO spam?’ to breaking down the spammers’ code and exactly how they hide their injections in compromised websites,…

Read the Post

Adobe Patches Critical Magento Vulnerabilities in Recent Update

Ben Martin
August 13, 2021

Adobe has recently released several critical security patches for both their open source and commercial versions of their ecommerce platform. There are a total of…

Read the Post

Stylish Magento Card Stealer loads Without Script Tags

Ben Martin
July 28, 2021

Recently one of our analysts, Weston H., found a very interesting credit card stealer in a Magento environment which loads a malicious JavaScript without using…

Read the Post