Social Warfare Vulnerability Probes
Denis Sinegubko After a recent disclosure of the Social Warfare plugin vulnerability, we’ve seen massive attacks that inject malicious JavaScripts into the plugin options. The vulnerability has…
Browsing Category
Website Malware Infections
864 posts
Conditional redirection to an online pharmacy store
Moe O During an investigation, a client reported some weird behavior from all incoming visits during their Google search engine result clicks are instantly redirected to an…
Super Amazon Banners Plugin Gone Rogue
Krasimir Konov During a recent investigation we found the plugin Super Amazon Banners to be serving malware/spam via the domain seoranker[.]info. We suspect that the domain expired…
Multi-Vector Attack in Server Logs
John Castro We recently noticed an increase on suspicious requests in our logs which reveal a planned attack against the Social Warfare plugin. Bad actors added this…
![More on Dnsden[.]biz Swipers and Radix Obfuscation](https://blog.sucuri.net/wp-content/uploads/2019/03/03192019-uncommon-radixes-uses-in-malware-obfuscation-update_blog-390x183.jpg)
More on Dnsden[.]biz Swipers and Radix Obfuscation
After recent publication of the Uncommon Radixes Used in Malware Obfuscation article, we found an interesting Twitter thread involving @EKFiddle and @Ledtech3 #EKFiddle [Regex update]:…
From Fake Updates to Unwanted Redirects
At the end of February, we wrote about a massive wave of site infections that pushed fake browser updates. In the beginning of March, the…
Fake Browser Updates Push Ransomware and Bank Malware
Recently we came across a malicious campaign injecting scripts that push fake browser updates onto site visitors. This is what a typical fake update request…
Google Analytics and Angular in Magento Credit Card Stealing Scripts
Over the last few months, we’ve noticed several credit card-stealing scripts that use variations of the Google Analytics name to make them look less suspicious…
Add Security to Your Website Agency Portfolio
Eli Lopez As a website industry professional, you are aware of the importance of website security. This is especially true when managing 10 or more sites. How…
Fake Parameters Conceal a Backdoor
We found this backdoor in the middle of the logrss.php file that defined the JDocumentRendererRSS class. …function jregisterClass() { // merge arrays $info = array_merge($_REQUEST,$_COOKIE); //…
How to Prevent Cross-Site Contamination for Beginners
Josh Hammer What is Cross-Site Contamination? Cross-site contamination happens when a hacked site infects other sites on a shared server. Think of it as your kid in…