Register My Backdoor – Unorthodox Invocation Mechanisms
Denis Sinegubko Backdoors are found in 72% of infected websites, according to our latest reports. Backdoors are files left on the server by attackers in order to retain…
Client-Side or Server-Side Script?
We’ve already described several times how credit card stealing malware hides a data collecting script behind an image URL. When people see URLs that end…
Website Malware: Unwanted Exit to YourBrexit
Some website hacks aim to make some political statements. Defacements are well known for this. Some infections redirect visitors to scam sites that push (usually…
WordPress Security – Unwanted Redirects via Infected JavaScript Files
We’ve been watching a specific WordPress infection for several months and would like to share details about it. The attacks inject malicious JavaScript code into…
Spotting a Hidden SEO Hack: “Play One”
SEO hacks continue to plague websites as attackers abuse SERP rankings for their own gain. The time and effort spent by the website owner creating…
SEO Spam Campaign Exploiting WordPress REST API Vulnerability
Just over a week ago, WordPress released version 4.7.3 to patch multiple security issues. Despite the automatic update feature provided by many hosting companies, there…
Ghost from the Past
Some sites may stay infected or not properly cleaned for years. Eventually, they come to us and we clean them. It doesn’t matter whether the…
Amazon Affiliate Cookie Stuffing
We wrote a lot about malware in invisible iframes. This story is about a different type of invisible iframes that hackers may place on your…
Injection of Unwanted Google AdSense Ads
During the last couple of years, it has become quite prevalent for hackers to monetize compromised sites by injecting unwanted ads. They can be pop-up…
Database and Image Tricks in Magento Malware
Magento malware that steals details of customer credit cards is a prevalent problem during the last couple of years. We write a lot about various…
Spamming Stopped by Pastebin
We wrote multiple times about malware attacks that store their scripts on Pastebin.com and load them either to the server once they break into it…