Hackers Are Just as Vulnerable as You
Luke Leal I came across some interesting defacement pages recently and noticed a peculiar JavaScript injection included within each source code of the defaced websites. As shown…
Browsing Category
Website Malware Infections
858 posts
Fake Font Dropper
Moe O A website owner reached out to us to investigate a weird behavior on their site. It was randomly showing a popup window for a missing…
Magento CC Stealer Reinfector
Cesar Anjos We have seen many times in the past few months how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins,…
JQuory: Cryptomining in Nulled Themes and Plugins.
Denis Sinegubko Three months ago b>@ninoseki</b revealed a group of sites with cryptomining scripts inside jquory.js files (yes, jquory instead of jquery). Coinhive(“I2OG8vGGXjF7wMQgL37BhqG5aVPjcoQL”) is trigged by “jquory.js”.…
Cookie consent script used to distribute malware
Krasimir Konov Since the new website cookie usage regulations in the EU have come into place, many websites have added a warning on their website about how…
Massive localstorage[.]tk Drupal Infection
After a series of critical Drupal vulnerabilities disclosed this spring, it’s not surprising to see a surge of massive Drupal infections like this one: Massive…
A Puzzling Backdoor Upload
Douglas Santos After a successful compromise, backdoors are frequently left behind and function as a point of re-entry into the website environment. These malicious pieces of code…
From Baidu to Google’s Open Redirects
Last week, we described how an ongoing massive malware campaign began using Baidu search result links to redirect people to various ad and scam pages.…
Malicious Activities with Google Tag Manager
If I were to ask if you could trust a script from Google that is loading on your website, the majority of users would say…
Cloudflare[.]solutions Keylogger Returns on New Domains
A few months ago, we covered two injections related to the “cloudflare.solutions” malware: a CoinHive cryptominer hidden within fake Google Analytics and jQuery, and the…
Server-level Cryptominer Injections
During an investigation on a recent case, we came across a malware infection that came directly from the server. Upon further inspection, we found that…