Fake License.txt File Loaded Through PHP Include
Luke Leal Our team recently found a malicious injection located within a PHP include. The redirect occurs via the include function, which includes a file inconspicuously named…
Browsing Category
Website Malware Infections
852 posts
Face Mask Spam Links Injected in WordPress Database
During a recent malware removal request, we found a compromised WordPress site being used to redirect to spam websites. The campaign was leveraging an increase…
How to Find & Fix the Japanese Keyword Hack
Art Martori If you’re wondering how to find and fix the Japanese keyword hack, get started by identifying a real-life example. First, open Google Translate, and then…
Multi-Step Phishing Kit Targeting Credit Union
Phishing attacks can come in all shapes and sizes. Posing a serious threat to industries large and small, phishing campaigns are the fraudulent attempt to…
Assemble the Cookies
When we investigate compromised websites, it’s not unusual to find malicious files that have been obfuscated through forms of encoding or encryption — however, these…
Tiny WSO Webshell Loader
A PHP webshell is a common tool found on compromised environments. Attackers use webshells as backdoors, allowing them to maintain unauthorized access to a hacked…
Reflected XSS in Cookiebot Administrative Page
Antony Garand A reflected XSS vulnerability has recently been found in the Cookiebot plugin plugin, impacting a user base of over 40k installs. Versions prior to 3.6.1…
Safe Browsing During a Pandemic: How to Spot COVID-19 Phishing Campaigns
Justin Channell Online bad actors tend to take advantage of tragedy for their own gain – and the coronavirus is no different. While we would hope that…
Extract Function Backdoor Variant
We recently found malware on a client’s WordPress site that was using a variant of a backdoor that we previously covered back in 2014. The…
Reflected XSS in Advanced Ads Admin Dashboard
A patch for a vulnerability in the Advanced Ads plugin has been released. Prior to version 1.17.4, attackers were able to exploit two reflected XSS…
Innocent Defacement
Cesar Anjos When we talk about defacements, we’re usually referring to attacks leading to a visual takeover of a website’s page ― consider it a form of…