What Hackers Do after Gaining Access to a Website
Pilar Garcia A hack or cyber attack is the act of maliciously entering, taking control over, or manipulating by force a web application, server, or file that…
Browsing Category
Website Malware Infections
851 posts
Skimmers and Phishing
Denis Sinegubko Recently, we shared a post about a network of domains used in a JavaScript credit card stealing malware campaign. These domains are all hosted on…
KOSONG Credit Card Stealer
Our security analyst Christopher Morrow recently discovered a server-side Magento skimmer that was injected into the savePayment function in the app/code/core/Mage/Checkout/Model/Type/Onepage.php file. This code emails…
Troldesh Ransomware Dropper
Luke Leal Over the past few weeks, we’ve seen an increase in Troldesh ransomware using compromised websites as intermediary malware distributors. The malware often uses a PHP…
Hydro-Quebec phishing
We have found an interesting phishing kit containing numerous phishing pages which target large, popular brands like Amazon and Paypal. What was interesting about this…
User adder backdoor
Cesar Anjos As we’ve seen many times before, there are a variety of backdoors that can be planted on a website. Post-compromise, it’s almost mandatory to review…
EE wireless provider phishing malware
Krasimir Konov A large number of phishing targets include popular services such as banks, payment providers, and email services. In this type of attack, fraudsters create fake…
New variant of “trollherten” malware
We continue to see new variations of obfuscation used to hide a PHP backdoor that began to be heavily used by malicious users in late…
Self-destruct malware
The majority of malware we find on compromised websites have been planted by bad actors with the intention of concealing and accessing backdoor access. During…
Yet another variant of the cPanel user shadow editor malware
We have discovered a new variant of PHP malware used to edit a cPanel users’s shadow file, allowing for bad actors to change passwords for…
Plugins Under Attack: July 2019
John Castro A long-lasting malware campaign targeting deprecated, vulnerable versions of plugins continues to be leveraged by attackers to inject malicious scripts into affected websites: Multi-Vector Attack…