Website Security News
Learn about the latest malware campaigns actively infecting websites, including malware removal and protection steps. Stay up to date with the latest infections against websites including CMS platforms like WordPress, Drupal, Magento, and Joomla. Read our posts about the most recent website hacks analyzed by our research and incident response teams.
It’s common for malware to be encoded to hide itself—or its true intentions—but have you ever given thought to what lengths attackers will go to hide their malicious code? In our first post in this series, we’ll describe how bad actors hide their malicious code…
Once an attacker manages to hack and gain access to a target site or system, they typically work hard to maintain their access—as long as it can to help them…
In the past four months, Sucuri has seen an increase in the number of plugins affected by the misuse of WordPress’ update_option() function. This function is used to update a…
Read More about Misuse of WordPress update_option() function Leads to Website Infections
When our tools don’t automatically detect and clean malicious code, that’s when we start our investigation process—and the majority of these research findings end up on the blog or as…
Read More about Throwback Threat Thursday: Joomla GoogleMaps Plugin SEO Spam Injection
Before we get into the details of “Cryptocurrency Mining Malware”, we need to understand first what cryptocurrency is and what miners are. What is Cryptocurrency? Cryptocurrency is best thought of…
These days, we consider a malware campaign massive if it affects a couple thousand websites. However, back in the day when Sucuri first started its operations, the scale of infections…
Read More about TimThumb Attacks: The Scale of Legacy Malware Infections
A hack or cyber attack is the act of maliciously entering, taking control over, or manipulating by force a web application, server, or file that belongs to someone else. Cyber…
Read More about What Hackers Do after Gaining Access to a Website
Over the past few weeks, we’ve seen an increase in Troldesh ransomware using compromised websites as intermediary malware distributors. The malware often uses a PHP file that acts as a…
In a previous analysis of a malicious file, we demonstrated why you should always update your email account passwords after a security compromise. The information security threat landscape is always…
Read More about Reset Email Account Passwords after Website Infection: Follow Up
During the past year, our Remediation department has seen a large increase in the number of fully spammed sites. The common factors are strangely named and unusually located favicon.ico files,…
Most of the time when we talk about spam, we think about mindless machines that create posts or comments to advertise a business related to drugs, accessories, or essays. But…
