WordPress Malware Collects Sensitive WooCommerce Data
Luke Leal During a recent investigation, our team found malicious code that reveals how attackers are performing reconnaissance to identify if sites are actively using WooCommerce in…
Browsing Category
Website Malware Infections
857 posts
B374k Web Shell Packer
PHP web shells are a type of backdoor which, when left on compromised websites, allow attackers to maintain unauthorized access after initial compromise. To further…
YouTube Account Recovery Phishing
Phishing attacks against targeted channels have been successful in the past, as explained last year on ZDNet. Recently, our Remediation team found an interesting phishing…
Labs Notes Monthly Recap – April/2020
Juliana Lewis In 2020, we doubled up our research efforts to report on many new attacks and hacks that we see in the wild. We believe that…
Vulnerabilities Digest: April 2020
John Castro Relevant Plugins and Vulnerabilities: Plugin Vulnerability Patched Version Installs Widget Settings Importer/Exporter Stored XSS Closed 40000 Accordion Stored/Reflected XSS 2.2.9 30000 Support Ticket System By…
WordPress Admin Login Stealer
Krasimir Konov During an investigation, we identified a WordPress login stealer using the PHP functions curl and file_get_contents. The malicious code was injected into the core file…
PinnacleCart Server-Side Skimmers and Backdoors
Denis Sinegubko While open-source ecommerce platforms are the most common targets for web skimmers, hackers also target paid-for software — especially if it’s used on high-profile online…
Fake M-Shield WordPress Plugin
During a recent malware investigation, we found a fake WordPress plugin called M-Shield. We also found almost an identical plugin under the name kingof, with…
Obfuscated WordPress Malware Dropper
It goes without saying that evasive maneuvering is at the top of a hacker’s priority list. Most often, they try to evade detection by obfuscating…
Magento JavaScript Skimmer Targets Tarjetas de Crédito
A website owner recently contacted us regarding a payment problem on their Magento website. A suspicious payment card form was loading for customers who were…
Web Skimmer with a Domain Name Generator
Our security analyst Moe Obaid recently found yet another variation of a web skimmer script injected into a Magento database. The malicious script loads the…