Fake French Police Sextortion Scam
Luke Leal There has been a noted increase in the number of sextortion scams during 2019. These scam campaigns are commonly distributed through email, but any method…
Browsing Category
Website Malware Infections
852 posts
Sucuri_encrypted: Magento Malware
Denis Sinegubko In an effort to make malicious code appear to be credible, hackers commonly piggyback on the names of reputable, well-known companies and services. Typical examples…
Plugins added to Malware Campaign: September 2019
John Castro This is an update for the long-lasting malware campaign targeting vulnerable plugins during August and September. Please check our previous updates below: Multi-Vector Attack in…
Down the Malware Rabbit Hole – Part 1
Cesar Anjos It’s common for malware to be encoded to hide itself—or its true intentions—but have you ever given thought to what lengths attackers will go to…
The Hacker Returns: A Backdoor Edition
Moe O Once an attacker manages to hack and gain access to a target site or system, they typically work hard to maintain their access—as long as…
Plugins Under Attack: August 2019
This is an update for the long-lasting malware campaign targeting vulnerable plugins during August and September. Please check our previous updates below: Multi-Vector Attack in…
Unauthenticated settings update in woocommerce-ajax-filters
woocommerce-ajax-filters, which currently has over 10,000 installations (versions <=1.3.6) allows unauthenticated attackers to arbitrarily update all the plugin options and redirect any user to an…
Misuse of WordPress update_option() function Leads to Website Infections
In the past four months, Sucuri has seen an increase in the number of plugins affected by the misuse of WordPress’ update_option() function. This function…
Throwback Threat Thursday: Joomla GoogleMaps Plugin SEO Spam Injection
Fioravante Souza Throwback Threat Thursday is a series of posts where we recall older vulnerabilities that have since been patched by their developers. In the past, these…
What is Cryptocurrency Mining Malware?
Brian Bautista Before we get into the details of “Cryptocurrency Mining Malware”, we need to understand first what cryptocurrency is and what miners are. What is Cryptocurrency?…
TimThumb Attacks: The Scale of Legacy Malware Infections
These days, we consider a malware campaign massive if it affects a couple thousand websites. However, back in the day when Sucuri first started its…