Browsing Category
Website Malware Infections
770 posts
Websites Defaced with Belarusian Bottled Water Company Content
It’s not often that we get the opportunity to write about website defacements on this blog. Defacements — where a website homepage is replaced with…
Xjquery Wave of WordPress SocGholish Injections
In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish…
What is Steganography? (Or, How Hackers Hide Malware On Websites)
As a child, I loved sending secret messages to my friends using invisible ink. A quick squeeze of lemon juice was all I needed to…
Massive Abuse of Abandoned Eval PHP WordPress Plugin
Attackers are always finding new and creative ways to compromise websites and maintain their foothold in environments. This is frequently done via the use of…
Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign
Our team at Sucuri has been tracking a massive WordPress infection campaign since 2017 — but up until recently never bothered to give it a…
Hacked Website Threat Report – 2022
Education is crucial in defending your website against emerging threats. That’s why we are thrilled to share our 2022 Website Threat Research Report. Disseminating this…
How to Find & Fix: WordPress Pharma Hack
Finding bogus content and unexpected links for prescription drugs on your WordPress website can be a frustrating experience. But don’t blame your site: it just…
What is a Website Defacement?
Defacement is easily one the most obvious signs of a hacked website. In these attacks, bad actors gain unauthorized access to an environment and leave…
Magbo Spam Injection Encoded with hex2bin
We recently had a new client come to us with a rather peculiar issue on their WordPress website: They were receiving unwanted popup advertisements but…
Is My Site Hacked? (13 Signs)
Symptoms of a hack can vary wildly. A concerning security alert from Google, a browser warning when you visit your site, or even a notice…
Attackers Abuse Cron Jobs to Reinfect Websites
Malicious cron jobs are nothing new; we’ve seen attackers use them quite frequently to reinfect websites. However, in recent months we’ve noticed a distinctive new…