Website Security News
This blog post talks about how a web spam campaign that targets only one country may create problems for sites owners around the world — even if their site is not hacked. It all began with a pretty regular sample of an infected WordPress index.php…
Read More about Korean Gambling and Call Girl Spam on Hacked and Non-hacked Sites
Although the majority of sites we work on are powered by PHP, we still have clients whose sites use other programming languages. The other day we cleaned an ASP site…
In the past couple of years, we’ve been tracking a long-lasting campaign responsible for injecting malicious scripts into WordPress sites. This campaign leverages old vulnerabilities (patched a long time ago)…
Read More about From .tk Redirects to PushKa Browser Notification Scam
After recent publication of the Uncommon Radixes Used in Malware Obfuscation article, we found an interesting Twitter thread involving @EKFiddle and @Ledtech3 #EKFiddle [Regex update]: Added Radix Web Skimmer identified…
Read More about More on Dnsden[.]biz Swipers and Radix Obfuscation
Some JavaScript features allow for pretty interesting obfuscation techniques. For example, did you know that virtually any English word can be used as a valid number? I recently decoded a…
Read More about Uncommon Radixes Used in Malware Obfuscation
Recently we came across a malicious campaign injecting scripts that push fake browser updates onto site visitors. This is what a typical fake update request looks like: Users see a…
Read More about Fake Browser Updates Push Ransomware and Bank Malware
Over the last few months, we’ve noticed several credit card-stealing scripts that use variations of the Google Analytics name to make them look less suspicious and evade detection by website…
Read More about Google Analytics and Angular in Magento Credit Card Stealing Scripts
Credit card stealing malware is becoming more and more customized. We’ve been regularly seeing injected scripts with URLs that either mimic or include a portion of the victim’s site domain….
Read More about Localization and Customization of Credit Card Stealing Malware
Last Friday, we reported on a hack that used a vulnerability in the popular WP GDPR Compliance plugin to change WordPress siteurl settings to erealitatea[.]net. At that time it was…
Read More about Hackers Change WordPress Siteurl to Pastebin
Earlier this week, we published a blog post about an ongoing massive malware campaign describing multiple infection vectors that it uses. This same week, we started detecting new modifications of…
Last month, we shared information about yet another series of ongoing massive infections using multiple different vectors to inject malicious scripts into WordPress websites. Shortly after, the campaign changed the…
Read More about Multiple Ways to Inject the Same Tech Support Scam Malware
![More on Dnsden[.]biz Swipers and Radix Obfuscation](https://blog.sucuri.net/wp-content/uploads/2019/03/03192019-uncommon-radixes-uses-in-malware-obfuscation-update_blog-585x275.png)
