Web shell downloader – simple attempt to avoid detection
Yuliyan Tsvetkov When dealing with compromised scenarios, our team has to be very thorough to remove all pieces of malware in the infected website. Most of the…
Browsing Category
Website Malware Infections
864 posts
PrestaShop Attack Steals Login Credentials
Moe O Attackers compromise sites with a number of goals in mind – also referred to as actions on objective. In some instances they aim to abuse…
Unrestricted Backend Login Backdoor on OpenCart
Cesar Anjos From the attacker’s perspective, creating ways to maintain access to a compromised website is desirable. We call them backdoors. Backdoors can be done in different…
New XM1RPC SEO Spam and Backdoor Campaign
Fernando Barbosa We have been monitoring a new campaign specifically targeting WordPress sites, using hundreds of them for SEO spam distribution. We call it the XM1RPC campaign…
SSH Brute Force Compromises Leading to DDoS
Daniel Cid A few weeks ago we ran an experiment to see how long it would take for some IPv4-only and IPv6-only servers to be compromised via…
A Plugin’s Expired Domain Poses a Security Threat to Websites
Krasimir Konov Do you keep all of your website software (including third-party themes, plugins, and components) up to date? You should! We always recommend this to our…
Phishing Attacks Target Ecommerce Checkout Pages
Denis Sinegubko Hunting credit card details on compromised ecommerce websites has become popular over the last two years. We have reported multiple cases in the past where…
New Realstatistics Attack Vector Compromising Joomla Sites
Caleb Lane Nov 2016 Update: If your Joomla site has been hacked, you can follow our guide to fixing it. Read the Guide! Over the past few…
Realstatistics Malware Campaign Uses Fake Analytics Sites
In this post we’ll show you the tactics employed by the realstatistics malware campaign to make their injections seem less suspicious. The injection looks like…
Realstatistics Malware Campaign Leads To Ransomware
Our Incident Response Team (IRT) has been tracking a mass infection campaign over the last two weeks ( codenamed “Realstatistics“). This campaign has compromised thousands of websites built…
200k+ Parked/Expired Domains Used to Distribute Malicious Ads
Douglas Santos Recently we wrote about domain renewal scams that used real paper letters to tricks site owners into transferring their domains and renewing them for 3-4x…