More Creative Backdoors – Using Filename Typos
Estevao Avillez When a site gets compromised, one thing we know for sure is that the attackers will leave some piece of malware in there to allow…
Browsing Category
Website Malware Infections
859 posts
HideMeBetter – SPAM injection Variant
Rodrigo Escobar Compromised sites being injected with SPAM SEO is something we deal very often. A few months ago we wrote about a wave of SPAM injections…
Phishing 2.0 – Credit Card Redirection on Compromised Sites
Daniel Cid We have seen it all when it comes to compromised sites: from silly defacements, to malware, spam, phishing and all sorts of injections. However, the…
Malware Hidden Inside JPG EXIF Headers
A few days ago, Peter Gramantik from our research team found a very interesting backdoor on a compromised site. This backdoor didn’t rely on the…
SSH Brute Force – The 10 Year Old Attack That Still Persists
Three years later we are still seeing SSH brute force attacks compromising sites on a frequent basis. One of the first server-level compromises I had…
vBulletin Infections from Adabeupdate
vBulletin is a popular forum platform that is also starting to become a popular target for web attacks. vBulletin (and vbSEO) had some serious security…
Malware Infection – Blocked by Day Limit
This week while working on a compromised site, I found an interesting variation of the Blackhole injection. We work with many sites injected with Blackhole,…
Google Transparency Report – Malware Distribution
Google just released their Malware Distribution Transparency Report, sharing the amount of sites compromised or distributing malware detected by their systems (Safe Browsing program). Google’s…
New Apache Module Injection
For the last few months we have been talking about the Darkleech Apache Module injection that is being used to insert malicious iframes into every…
Apache PHP Injection to JavaScript Files
We have been talking about Apache server-side injections for a while. Ranging from malicious modules, like Darkleech, to modified Apache binaries. From an attacker perspective,…
vBulletin Conditional Malware – myFTP.biz Malicious iFrames
Fioravante Souza We have to be honest here, there’s no fun in cleaning up infected .htaccess files. It’s boring, but it happens a lot! But it’s not…