New XM1RPC SEO Spam and Backdoor Campaign
Fernando Barbosa We have been monitoring a new campaign specifically targeting WordPress sites, using hundreds of them for SEO spam distribution. We call it the XM1RPC campaign…
Browsing Category
Website Malware Infections
839 posts
SSH Brute Force Compromises Leading to DDoS
Daniel Cid A few weeks ago we ran an experiment to see how long it would take for some IPv4-only and IPv6-only servers to be compromised via…
A Plugin’s Expired Domain Poses a Security Threat to Websites
Krasimir Konov Do you keep all of your website software (including third-party themes, plugins, and components) up to date? You should! We always recommend this to our…
Phishing Attacks Target Ecommerce Checkout Pages
Denis Sinegubko Hunting credit card details on compromised ecommerce websites has become popular over the last two years. We have reported multiple cases in the past where…
New Realstatistics Attack Vector Compromising Joomla Sites
Caleb Lane Nov 2016 Update: If your Joomla site has been hacked, you can follow our guide to fixing it. Read the Guide! Over the past few…
Realstatistics Malware Campaign Uses Fake Analytics Sites
In this post we’ll show you the tactics employed by the realstatistics malware campaign to make their injections seem less suspicious. The injection looks like…
Realstatistics Malware Campaign Leads To Ransomware
Our Incident Response Team (IRT) has been tracking a mass infection campaign over the last two weeks ( codenamed “Realstatistics“). This campaign has compromised thousands of websites built…
200k+ Parked/Expired Domains Used to Distribute Malicious Ads
Douglas Santos Recently we wrote about domain renewal scams that used real paper letters to tricks site owners into transferring their domains and renewing them for 3-4x…
New Wave of the Test0.com/Test5.xyz Redirect Hack
Last week we described the hack that randomly redirected site visitors either to a parked test0 .com domain or to malicious sites via the default7 .com…
Analyzing ImageTragick Exploits in the Wild
Three days ago the ImageMagic (also known as, ImageTragick) vulnerability was released to the world. We’ve been actively monitoring this vulnerability, and have discovered a…
WordPress Redirect Hack via Test0.com/Default7.com
Update 9/14/16: We released a new guide that provides better instructions on how to clean a hacked WordPress site using the Free WordPress security plugin.…