Another Fake Cloudflare Verification Targets WordPress Sites
Kayleigh Martin A new Cloudflare infection has once again been targeting WordPress sites. This new iteration of malware mimics a legitimate-looking Cloudflare verification page, which then tricks…
Fake Font Domain Used to Skim Credit Card Data
Recently, a client of ours came to us concerned about credit card theft on their WordPress site. The client’s users reported that their credit card…
Fake WordPress Plugin Impacts SEO by Injecting Casino Spam
Injecting malware via a fake WordPress plugin has been a common tactic of attackers for some time. This clever method is often used to bypass…
Magento Credit Card Stealer Disguised in an <img> Tag
Recently, we had a client come to us concerned that their website was infected with credit card stealing malware, often referred to as MageCart. Their…
Simple Include Statement Hides Casino Spam
Just as there are countless types of websites on the internet, there are just as many attackers seeking to exploit them. These attackers develop malicious…
Indonesian Gambling Redirect Hiding in Plain Sight
Many pieces of malware found over the years have been complex and difficult to find. Attackers often obfuscate their code to make it harder to…
Vulnerable WordPress Sites Compromised with Different Database Infections
Vulnerabilities within WordPress can lead to compromise, and oftentimes known vulnerabilities are utilized to infect WordPress sites with more than one infection. It is common…
Fake jQuery Domain Redirects Site Visitors to Scam Pages
A recent infection has been making its rounds across vulnerable WordPress sites, detected on over 160 websites so far at the time of writing. The…
WordPress Admin Creator – A Simple, But Effective Attack
Malicious admin users get added to vulnerable WordPress sites often. This can happen in a variety of different ways, and sometimes the malware that creates…