What is Cryptocurrency Mining Malware?
Brian Bautista Before we get into the details of “Cryptocurrency Mining Malware”, we need to understand first what cryptocurrency is and what miners are. What is Cryptocurrency?…
Browsing Category
Website Malware Infections
864 posts
TimThumb Attacks: The Scale of Legacy Malware Infections
Denis Sinegubko These days, we consider a malware campaign massive if it affects a couple thousand websites. However, back in the day when Sucuri first started its…
Lack of controls when using WordPress’ update_option() with user input data equals plugin nightmare
John Castro As mentioned in recent posts, WordPress’ update_option() function is used to update any option in the options database table. If the permission flow when using…
What Hackers Do after Gaining Access to a Website
Pilar Garcia A hack or cyber attack is the act of maliciously entering, taking control over, or manipulating by force a web application, server, or file that…
Skimmers and Phishing
Recently, we shared a post about a network of domains used in a JavaScript credit card stealing malware campaign. These domains are all hosted on…
KOSONG Credit Card Stealer
Our security analyst Christopher Morrow recently discovered a server-side Magento skimmer that was injected into the savePayment function in the app/code/core/Mage/Checkout/Model/Type/Onepage.php file. This code emails…
Troldesh Ransomware Dropper
Luke Leal Over the past few weeks, we’ve seen an increase in Troldesh ransomware using compromised websites as intermediary malware distributors. The malware often uses a PHP…
Hydro-Quebec phishing
We have found an interesting phishing kit containing numerous phishing pages which target large, popular brands like Amazon and Paypal. What was interesting about this…
User adder backdoor
Cesar Anjos As we’ve seen many times before, there are a variety of backdoors that can be planted on a website. Post-compromise, it’s almost mandatory to review…
EE wireless provider phishing malware
Krasimir Konov A large number of phishing targets include popular services such as banks, payment providers, and email services. In this type of attack, fraudsters create fake…
New variant of “trollherten” malware
We continue to see new variations of obfuscation used to hide a PHP backdoor that began to be heavily used by malicious users in late…