Website Malware – The SWF iFrame Injector Evolves
Peter Gramantik Last year, we released a post about a malware injector found in an Adobe Flash (.swf) file. In that post, we showed how a SWF…
Browsing Category
Website Malware Infections
839 posts
WordPress Malware Causes Psuedo-Darkleech Infection
Denis Sinegubko Darkleech is a nasty malware infection that infects web servers at the root level. It use malicious Apache modules to insert hidden iframes with certain…
Why Website Reinfections Happen
Val Vesa I joined Sucuri a little over a month ago. My job is actually the Social Media Specialist, but we have this process where regardless of…
Inverted WordPress Trojan
A trojan (or trojan horse) is software that does (or pretends to be doing) something useful but also contains a secret malicious payload that inconspicuously…
Why A Free Obfuscator Is Not Always Free.
We all love our code but some of us love it so much that we don’t want anyone else to read or understand it. When…
Analysis of the Fancybox-For-WordPress Vulnerability
Marc-Alexandre Montpas We were alerted last week of a malware outbreak affecting WordPress sites using version 3.0.2 and lower of the fancybox-for-wordpress plugin. As announced, here are some of the…
Analyzing Malicious Redirects in the IP.Board CMS
Although the majority of our posts describe WordPress and Joomla attacks (no wonder, given their market-share), there are still attacks that target smaller CMS’s and…
Zero-day in the Fancybox-for-WordPress Plugin
Daniel Cid Update: We posted an analysis of the vulnerability following this post. Our research team was alerted to a possible malware outbreak affecting many WordPress websites.…
Bogus Mobile-Shortcuts WordPress Plugin Injects SEO Spam
Ben Martin Here at Sucuri we see countless cases of SEO spam where a website is compromised in order to spread pharmaceutical advertisements or backlinks to sites…
DDoS from China – Facebook, WordPress and Twitter Users Receiving Sucuri Error Pages
Over the past few weeks our Security Operation Center (SOC) has been seeing some unique and very suspicious requests to some of our servers. At…
Websites Compromised with CloudFrond Injection
Fioravante Souza If you haven’t already noticed, we spent a good deal of time scraping the bottom of the interweb barrel. It’s dirty work, but someone has…