SweetCAPTCHA Returns Hijacking Another Plugin
Denis Sinegubko Yesterday we observed a strange short return of the SweetCaptcha plugin to WordPress.org repository. In June we reported that SweetCaptcha injected third-party ad code to…
SweetCAPTCHA Service Used to Distribute Adware
SweetCaptcha is a free CAPTCHA service that offers to match “sweet” images instead of making you recognize distorted digits and characters. It has integrations with…
Fake jQuery Scripts in Nulled WordPress Plugins
We recently investigated some random redirects on a WordPress website that would only happen to certain visitors. Traffic analysis showed us that it was not…
Hacked Websites Redirect to Bitcoin
Recently, we began to notice that some hacked websites were redirecting traffic from certain browsers to the BitCoin site, bitcoin.org. What’s going on? Is Bitcoin using…
Impacts of a Hack on a Magento Ecommerce Website
Recently we wrote about the impacts of a hacked website and how it is important to give website visitors a safe online experience. In this…
WordPress Malware Causes Psuedo-Darkleech Infection
Darkleech is a nasty malware infection that infects web servers at the root level. It use malicious Apache modules to insert hidden iframes with certain…
Inverted WordPress Trojan
A trojan (or trojan horse) is software that does (or pretends to be doing) something useful but also contains a secret malicious payload that inconspicuously…
Analyzing Malicious Redirects in the IP.Board CMS
Although the majority of our posts describe WordPress and Joomla attacks (no wonder, given their market-share), there are still attacks that target smaller CMS’s and…
AdSense Abused with Malvertising Campaign
Last weekend we noticed a large number of requests to scan websites for malware because they randomly redirected to some “magazine” websites. Most of them…
Website Backdoors Leverage the Pastebin Service
We continue our series of posts about hacker attacks that exploit a vulnerability in older versions of the popular RevSlider plugin. In this post we’ll…
Analyzing The WordPress SoakSoak Favicon Backdoor
This post is a dissection of one of a few backdoor variations hackers are uploading via the RevSlider security hole. We also provide webmasters a…