Mayhem Malware Server Botnet Continues to Evolve
Jose Martinez Three years ago, researchers at Yandex discovered a complex server infection, dubbed Mayhem, that embeds itself deep within a system by compiling a shared object…
Browsing Category
Website Malware Infections
864 posts
Simple self updating hacktool
Pedro Peixoto While working on a compromised website, it’s very common to encounter hacktools. Those are like the attackers’ swiss knife, allowing them to perform several tasks…
Soccer spam. Really?
Fernando Barbosa In the last few months, we’ve covered several cases of SEO Spam in our labs and blog that were promoting products and services ranging from…
Mayhem malware still on the wild
Years ago, colleagues from Yandex introduced the concept of Mayhem infections. In that post, they provided very detailed information about the malware, its functionalities and…
SEO spam loading from external site
Krasimir Konov Many websites get compromised and used for SEO in order to drive traffic to other websites that would usually be ranked very low or completely…
Evil Self-Regenerating WordPress Administrator User
Andrey Kucherov Attackers often aim to conceal their presence using different methods, such as injecting redirect scripts, creating spam pages, or hiding a mailer in checkout pages…
When Online Shopping leads to Malware download
Ahmad Azizan Idris Recently, during an incident response process, we worked on an interesting Magento website. This site was reported to having a strange redirection when users visited…
Expired Domain Leads to WordPress Plugin Redirects
A malicious redirect is a snippet of code used by attackers with the intention of redirecting visitors to another site; a very common tactic seen…
Small One-liner Backdoor
Samuel Odendaal During an incident response investigation, we detected an interesting backdoor that was small but had the potential to give the attacker full access to your…
JavaScript Used to Generate Malicious Documents
When talking about compromised environments, we often think that the website itself is the end goal but that’s not always true. In some cases, attackers…
Decoding Complex Malware – Step-by-Step
Rodrigo Escobar When cleaning websites, one of the most complicated parts of our job is ensuring we find all backdoors. Most of the time, attackers inject code…