PHP Reinfector and Backdoor Malware Target WordPress Sites
Puja Srivastava We recently observed a surge in WordPress websites being infected by a sophisticated PHP reinfector and backdoor malware. While we initially believed that the infection…
Fake “Fix It” Pop-Ups Target WordPress Sites via Malicious Plugin to Download Trojan
In our recent investigation, we discovered a new malware campaign targeting WordPress sites through a fake plugin, universal-popup-plugin-v133, which delivers deceptive browser fix pop-ups. This…
Hundreds of Websites Targeted by Fake Google Chrome Update Pop-Ups
Fake Browser Update campaigns are known for their deceptive tactics used by hackers to trick users into downloading malicious software. These campaigns typically involve injecting…
Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS
We often write about malware that steals payment information from sites built with Magento and other types of e-commerce CMS. However, WordPress has become a…
New Malware Campaign Found Exploiting Stored XSS in Popup Builder < 4.2.3
In January, my colleague reported about a new Balada Injector campaign found exploiting a recent vulnerability in the widely-used Popup Builder WordPress plugin which was…
How to Find & Fix Japanese SEO Spam
Japanese SEO Spam, also known as “Japanese keyword hack” or “Japanese SEO poisoning,” is a spammy search engine optimization technique used by black hat SEO…
How to Fix “Not Secure” Warnings and SSL Issues in WordPress (8 Steps)
If you own a WordPress website and ever encountered the “Not Secure” warning, you might have worried that visitors would perceive your site as spam…
Malicious Injection Redirects Traffic via Parked Domain
During a recent investigation, our malware remediation team encountered a variant of a common malware injection that has been active since at least 2017. The…