Injection of Unwanted Google AdSense Ads
Denis Sinegubko During the last couple of years, it has become quite prevalent for hackers to monetize compromised sites by injecting unwanted ads. They can be pop-up…
Browsing Category
Website Malware Infections
858 posts
Database and Image Tricks in Magento Malware
Magento malware that steals details of customer credit cards is a prevalent problem during the last couple of years. We write a lot about various…
Spamming Stopped by Pastebin
We wrote multiple times about malware attacks that store their scripts on Pastebin.com and load them either to the server once they break into it…
Release the Prisoners – Rename .Suspected Backdoors
Andrey Kucherov When webmasters or hosting companies look for malware, they usually search for encrypted code, encoded payloads, suspicious functions and much more. If they happen to…
Website Malware Targets Mobile Platforms
Cesar Anjos Navigating the web on a mobile device can be tricky even when you’re browsing clean sites. If hackers are involved, the frustration of a pop-up…
Web shell downloader – simple attempt to avoid detection
Yuliyan Tsvetkov When dealing with compromised scenarios, our team has to be very thorough to remove all pieces of malware in the infected website. Most of the…
PrestaShop Attack Steals Login Credentials
Moe O Attackers compromise sites with a number of goals in mind – also referred to as actions on objective. In some instances they aim to abuse…
Unrestricted Backend Login Backdoor on OpenCart
From the attacker’s perspective, creating ways to maintain access to a compromised website is desirable. We call them backdoors. Backdoors can be done in different…
New XM1RPC SEO Spam and Backdoor Campaign
Fernando Barbosa We have been monitoring a new campaign specifically targeting WordPress sites, using hundreds of them for SEO spam distribution. We call it the XM1RPC campaign…
SSH Brute Force Compromises Leading to DDoS
Daniel Cid A few weeks ago we ran an experiment to see how long it would take for some IPv4-only and IPv6-only servers to be compromised via…
A Plugin’s Expired Domain Poses a Security Threat to Websites
Krasimir Konov Do you keep all of your website software (including third-party themes, plugins, and components) up to date? You should! We always recommend this to our…