FakeUpdateRU Chrome Update Infection Spreads Trojan Malware
Ben Martin Fake Google chrome update malware, often associated with the notorious SocGholish infection, is something that we have been tracking for a number of years. It…
Browsing Category
Website Malware Infections
839 posts
Tampered OpenCart Authentication Aids Credit Card Skimming Attack
Using out of date software is the leading cause of website compromise, so keeping your environment patched and up to date is one of the…
Shifting Malware Tactics & Use of Non-Executable .txt & .log Files
Krasimir Konov The malware landscape is constantly evolving — and bad actors are always devising new techniques to evade detection. Our analysts most commonly find website malware…
Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins
Denis Sinegubko In the middle of September 2023, vulnerability advisory resources disclosed the details of an Unauthenticated Stored XSS vulnerability in the tagDiv Composer (the companion plugin…
How to Find & Fix Japanese SEO Spam
Puja Srivastava Japanese SEO Spam, also known as “Japanese keyword hack” or “Japanese SEO poisoning,” is a spammy search engine optimization technique used by black hat SEO…
Decoding Magecart: Credit Card Skimmers Concealed Through Pixels & Images
MageCart infections most often come in the form of complex, obfuscated JavaScript injected into Magento database tables such as core_config_data, or as malicious plugins or…
Bogus URL Shorteners Go Mobile-Only in AdSense Fraud Campaign
Since September 2022, our team has been tracking a bogus URL shortener redirect campaign that started with just a single domain: ois[.]is. By the beginning…
Compromised OpenCart Payment Module Steals Credit Card Information
Today’s story starts much the same as many others on this blog: A new client came to us reporting that credit card details were being…
From Google DNS to Tech Support Scam Sites: Unmasking the Malware Trail
A vast majority of website malware employ the ever-familiar HTTP/HTTPS protocols for its malicious activities. But, we also periodically confront more interesting hybrid malware leveraging…
SiteCheck Remote Website Scanner — Mid-Year 2023 Report
Conducting an external website scan for indicators of compromise is one of the easiest ways to identify security issues. While remote scanners may not provide…
Massive Google Colaboratory Abuse: Gambling and Subscription Scam
This investigation started with a small and quite simple piece of PHP malware found on a hacked website. We located the following PHP code, responsible…