WordPress Malicious Plugin – WPPPM – Abusing 404 Redirects with SEO Poisoning
Tony Perez Bruno Borges, of our security team, came across an interesting case this week, in which a WordPress plugin was abusing the 404 rewrite rules and…
Browsing Category
Website Malware Infections
840 posts
Mass WordPress Brute Force Attacks? – Myth or Reality
Daniel Cid We are seeing in the media some noise about a large distributed brute force attacks against all hosts targeting WordPress sites. According to reports, they…
When Good Plugins Go Bad – SEO Spam on Joomla Websites
We recently published an article about an interesting case where a very popular WordPress Plugin (Social Media Widget), with more than 900,000 downloads, got sold…
2012 Web Malware Trends Report Summary
Sucuri is a website security company focused on the detection and remediation of web malware. In 2012, via our SiteCheck scanner, we scanned 9,953,729 unique…
Payday Loan Spam affecting Thousands of Sites
One of the most important metrics used by search engines to rank a site is the number of link backs that it has. The more…
Linux Based SSHD Rootkit Floating The Interwebs
For the past couple of days we have been a lot of discussion on a number of forums about a potential kernel rootkit making its…
cPanel Inc. Server Compromised
It’s unclear on the specifics, but it appears the following letter is going out to cPanel users that have submitted a ticket in the last…
Website Malware – Fixing Joomla SPAM Hacks – Conditional Payloads
Our Senior Malware Engineer, Fioravante Cavallari, is at it again. I think he has made it his personal mission in life to expel all Joomla…
NBC Website HACKED – Be Careful Surfing
Breaking, the NBC site is currently compromised and blacklisted by Google. Anyone that visits the site (which includes any sub page) will have malicious iframes…
Sneaky Joomla Web Malware – JavaScript Infections
So the past week has been interesting, we have been having fun with a few JavaScript infections that really forced us to put on our…
Large Scale Compromises Leading to Traffic Distribution System
For the last few weeks we’ve been tracking a large scale decentralized Traffic Distribution System (TDS). It’s using hundreds of compromised sites as their first…