Sucuri Labs

A very common pattern in compromised websites is the presence of backdoors and other malicious codes. Attackers use different techniques and malware to abuse of…

Lately we’ve been dealing with an increase in attacks against ecommerce platforms. Attackers usually choose this type of solution (like Magento & others) because of…

For many years, spam injections placed inside legitimate pages remain one of the prevalent types of black hat SEO hacks that we clean. Hackers constantly…

Injecting malware into core files of CMS installations is one of the techniques attackers use. From the user’s perspective, it is easier to detect and…

Website defacement is still a big issue for various website owners. It directly impacts on your online presence / visibility and as a consequence, it…

Lately, we’ve uncovered and detailed lots of techniques being used against e-commerce platforms to steal sensitive information, mostly credit card and login credentials. With the…

I was assisting a client with their compromised website and came across a file called unsave.php that was primarily used to inject a rewrite into…

Attackers use different techniques to distribute SPAM in a compromised website. Most of the time they choose the file structure to inject the malicious code…

Nowadays, the most common issues with database injections are related to SPAM. Brian Krebs has a book called Spam Nation, that gives us a more…

With the increase of mobile internet browsing, attackers have adapted their techniques to target such platforms and distribute SPAM & malware to these devices. Our…

Recently we found a very interesting malware that injects symbolic links in each and every Linux/UNIX home folder. Once the website is infected, it uses…