doc.google.com.TROJAN
Fernando Barbosa During an incident response process, we identified some files located at a website’s root folder. Although they had different filenames (post.php, news.php, home.php, etc), they…
Browsing Category
Website Malware Infections
839 posts
Set your Cookie, Execute a Command
Yuliyan Tsvetkov Backdoors evolve. They tend to get more complex, harder to understand and harder to decode, but this is not always the case. Most of the…
One, two, three… CC stolen!
Attackers work hard to make their code very well hidden from the victim and antivirus products, however they might leave some fingerprints (usually not on…
vBulletin Used to Show Malicious Advertisements
Cesar Anjos In the past, we have seen a massive amount of vBulletin websites compromised through the VBSeo Vulnerability. Attackers have been infecting vBulletin websites since 2012…
Monetized JavaScript Redirect to Free Porn Webcams for Mobile Devices
Attackers will do desperate and obvious things to boost the views of their ‘customers’. On a daily basis we find different malicious redirects (some are…
Ghost from the Past
Denis Sinegubko Some sites may stay infected or not properly cleaned for years. Eventually, they come to us and we clean them. It doesn’t matter whether the…
When malware injection goes wrong
Ben Martin Today while scanning a client’s website, I found a failed attempt by attackers to hide the location of a backdoor. It is very common for…
Spam content injection
Samuel Odendaal During a recent incident response investigation, we detected an infected website loading spam content from another location. The malware was responsible for fetching the spam…
Joomla Security – Pornography Spam Campaign in the Wild
Bruno Zanelato One of the worst experiences for a website owner is finding out that the search results for your site have turned into a pharmacy, a…
WordPress Security – Fake TrafficAnalytics Website Infection
Rodrigo Escobar Several months ago, our research team identified a fake analytics infection, known as RealStatistics. The malicious Javascript injection looks a lot like tracking code for…
.user.ini SPAM SEO Redirect
John Castro Since PHP 5.3.0, PHP includes support for configuration INI files on a per-directory basis that has the same effect (depending on the case) that the…