CoinImp Cryptominer and Fully Qualified Domain Names
Denis Sinegubko We are all familiar with the conventional domain name notation, where different levels are concatenated with the full stop character (period). E.g. “www.example.com”, where “www”…
Browsing Category
Website Malware Infections
862 posts
Google and Facebook Used in Phishing Campaigns
Fioravante Souza We’ve all seen sketchy looking emails or texts with malicious links to click on. There are still people who fall for these more obvious types…
What are Website Backdoors?
Juliana Lewis When a site gets compromised, the attackers will often leave some piece of malware behind to allow them access back to the site. Hackers want…
Magento Credit Card Stealer Reinfector
Cesar Anjos In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins, and PayPal…
Hackers Are Just as Vulnerable as You
Luke Leal I came across some interesting defacement pages recently and noticed a peculiar JavaScript injection included within each source code of the defaced websites. As shown…
Fake Font Dropper
Moe O A website owner reached out to us to investigate a weird behavior on their site. It was randomly showing a popup window for a missing…
Magento CC Stealer Reinfector
We have seen many times in the past few months how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins,…
JQuory: Cryptomining in Nulled Themes and Plugins.
Three months ago b>@ninoseki</b revealed a group of sites with cryptomining scripts inside jquory.js files (yes, jquory instead of jquery). Coinhive(“I2OG8vGGXjF7wMQgL37BhqG5aVPjcoQL”) is trigged by “jquory.js”.…
Cookie consent script used to distribute malware
Krasimir Konov Since the new website cookie usage regulations in the EU have come into place, many websites have added a warning on their website about how…
Massive localstorage[.]tk Drupal Infection
After a series of critical Drupal vulnerabilities disclosed this spring, it’s not surprising to see a surge of massive Drupal infections like this one: Massive…
A Puzzling Backdoor Upload
Douglas Santos After a successful compromise, backdoors are frequently left behind and function as a point of re-entry into the website environment. These malicious pieces of code…