Security Archive – Case Study: phpbb.com Compromised
Daniel Cid Security Archive: It is important to remember past security incidents to make sure we don’t commit the same mistakes over and over again. The idea…
Browsing Category
Website Malware Infections
863 posts
Joomla Hacks – Part I – Phishing
Tony Perez Joomla is a very popular open source CMS, dominating approximately 10% of the website market. While great for them, horrible for many others, as being…
Open Source Backdoor – Copyrighted Under GNU GPL
Rodrigo Escobar Malware code can be very small, and the impact can be very severe! In our daily tasks we find a lot of web-based malware that…
OpenX.org Compromised and Downloads Injected with a Backdoor
We received reports that OpenX.org was compromised and the OpenX download files had a backdoor injected in them. According to Heise (in German), the malicious…
More Creative Backdoors – Using Filename Typos
Estevao Avillez When a site gets compromised, one thing we know for sure is that the attackers will leave some piece of malware in there to allow…
HideMeBetter – SPAM injection Variant
Compromised sites being injected with SPAM SEO is something we deal very often. A few months ago we wrote about a wave of SPAM injections…
Phishing 2.0 – Credit Card Redirection on Compromised Sites
We have seen it all when it comes to compromised sites: from silly defacements, to malware, spam, phishing and all sorts of injections. However, the…
Malware Hidden Inside JPG EXIF Headers
A few days ago, Peter Gramantik from our research team found a very interesting backdoor on a compromised site. This backdoor didn’t rely on the…
SSH Brute Force – The 10 Year Old Attack That Still Persists
Three years later we are still seeing SSH brute force attacks compromising sites on a frequent basis. One of the first server-level compromises I had…
vBulletin Infections from Adabeupdate
vBulletin is a popular forum platform that is also starting to become a popular target for web attacks. vBulletin (and vbSEO) had some serious security…
Malware Infection – Blocked by Day Limit
This week while working on a compromised site, I found an interesting variation of the Blackhole injection. We work with many sites injected with Blackhole,…