Persistent Malicious Redirect Variants
Peter Gramantik It’s always nice to meet an old friend or someone you used to know well. You have news to share and talk about, stories to…
Browsing Category
Website Malware Infections
864 posts
Ask Sucuri: How Do You Find Website Backdoors?
Juliana Lewis A website backdoor is malicious code injected into a website to allow unauthorized access. These hidden entry points can give attackers full control over your…
CoinImp Cryptominer and Fully Qualified Domain Names
Denis Sinegubko We are all familiar with the conventional domain name notation, where different levels are concatenated with the full stop character (period). E.g. “www.example.com”, where “www”…
Google and Facebook Used in Phishing Campaigns
Fioravante Souza We’ve all seen sketchy looking emails or texts with malicious links to click on. There are still people who fall for these more obvious types…
What are Website Backdoors?
When a site gets compromised, the attackers will often leave some piece of malware behind to allow them access back to the site. Hackers want…
Magento Credit Card Stealer Reinfector
Cesar Anjos In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins, and PayPal…
Hackers Are Just as Vulnerable as You
Luke Leal I came across some interesting defacement pages recently and noticed a peculiar JavaScript injection included within each source code of the defaced websites. As shown…
Fake Font Dropper
Moe O A website owner reached out to us to investigate a weird behavior on their site. It was randomly showing a popup window for a missing…
Magento CC Stealer Reinfector
We have seen many times in the past few months how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins,…
JQuory: Cryptomining in Nulled Themes and Plugins.
Three months ago b>@ninoseki</b revealed a group of sites with cryptomining scripts inside jquory.js files (yes, jquory instead of jquery). Coinhive(“I2OG8vGGXjF7wMQgL37BhqG5aVPjcoQL”) is trigged by “jquory.js”.…
Cookie consent script used to distribute malware
Krasimir Konov Since the new website cookie usage regulations in the EU have come into place, many websites have added a warning on their website about how…