Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker
Matt Morrow In recent months, we have encountered a number of cases where attackers inject malware into website software that allows for custom or miscellaneous code —…
Browsing Category
Website Malware Infections
836 posts
Web Shells: Types, Mitigation & Removal
Cesar Anjos Web shells are malicious scripts that give attackers persistent access to compromised web servers, enabling them to execute commands and control the server remotely. These…
Sign1 Malware: Analysis, Campaign History & Indicators of Compromise
Ben Martin A new client recently came to us reporting seemingly random pop ups occurring on their website. While it was clear that there was something amiss…
What is .htaccess Malware? (Detection, Symptoms & Prevention)
The .htaccess file is notorious for being targeted by attackers. Whether it’s using the file to hide malware, redirect search engines to other sites with…
New Malware Campaign Found Exploiting Stored XSS in Popup Builder < 4.2.3
Puja Srivastava In January, my colleague reported about a new Balada Injector campaign found exploiting a recent vulnerability in the widely-used Popup Builder WordPress plugin which was…
From Web3 Drainer to Distributed WordPress Brute Force Attack
Denis Sinegubko Two weeks ago we discussed a new development in website hacks: Web3 crypto wallet drainers. We’ve been closely following the most significant variant which injects…
New Wave of SocGholish Infections Impersonates WordPress Plugins
SocGholish malware, otherwise known as “fake browser updates”, is one of the most common types of malware infections that we see on hacked websites. This…
Web3 Crypto Malware: Angel Drainer Overview, Variants & Stats
Since January 2024, there has been a notable surge in attacks by a novel form of website malware targeting Web3 and cryptocurrency assets. This malware,…
Remote Access Trojan (RAT): Types, Mitigation & Removal
Remote Access Trojans (RATs) are a serious threat capable of giving attackers control over infected systems. This malware stealthily enters systems (often disguised as legitimate…
New Guide: How to Protect Your Website from Phishing
Rianna MacLeod There are many threats that can harm your website and your users, but one of the most dangerous is phishing. Phishing is a method used…
Detecting & Mitigating an Office 365 Phishing Threat: “Greatness”
Krasimir Konov Emerging in 2022, a phishing tool known as Greatness has caught the attention of our research team due to its coordinated efforts to breach Microsoft…