SoakSoak Malware Compromises 100,000+ WordPress Websites
Tony Perez This Sunday has started with a bang. Google has blacklisted over 11,000 domains with this latest malware campaign from SoakSoak.ru: Our analysis is showing impacts…
Browsing Category
Website Malware Infections
864 posts
Malvertising on a Website Without Ads
Fioravante Souza When you first configure your website, whether it be WordPress, Joomla, Drupal, or any other flavor of the month, it is often in its purest…
Website Malware Removal: Phishing
Joseph Herbrandson As we continue on our Malware Removal series we turn our attention to the increasing threat of Phishing infections. Just like a fisherman casts and…
RSS Reveals Malware Injections
Denis Sinegubko There are multiple different ways to detect invisible malware on a website: You can scrutinize the HTML code of web pages. Use external scanners like…
The Art of Website Malware Removal – The Basics
When talking about defense against malicious hacks, the attack vector is a common topic for Information Security (InfoSec) professionals. The primary concern is to understand…
The Dangers of Hosted Scripts – Hacked jQuery Timers
Google blacklisted a client’s website claiming that malicious content was being displayed from “forogozoropoto(dot)2waky (dot)com”. A scan didn’t reveal anything suspicious. The next step was…
Malicious iFrame Injector Found in Adobe Flash File (.SWF)
Peter Gramantik Finding malware in Adobe Flash files (.swf) is nothing new, but it usually affects personal computers, not servers. Typically, a hidden iframe is used to…
Most Common Attacks Affecting Today’s Websites
New web-based attack types and vectors are coming out every day, this is causing businesses, communities and individuals to take security seriously now more than…
Spotting Malicious Injections in Otherwise Benign Code
Being able to spot suspicious code, and then determine whether it is benign or malicious is a very important skill for a security researcher. Every…
Popular Brazilian Site “Porta dos Fundos” Hacked
A very well known Brazilian comedy site, “Porta dos Fundos,” was recently hacked and is pushing malware (drive-by-download) via a malicious Flash executable, as you…
Manipulating WordPress Plugin Functions to Inject Malware
Keir Desailly Most authors of website malware usually rely on the same tricks, making it easy for malware researchers to spot obfuscated code, random files that don’t…