Funny Spammers: Any Reproduction of This Document in Part or in Whole is Strictly Prohibited
David Dede Spam is nothing new, but a recent site we were reviewing was a bit different. After a bit of analysis, we found a file called…
Browsing Category
Website Malware Infections
863 posts
Ask Sucuri: Why Do I Only Get Malware Warnings on Certain Browsers?
Daniel Cid A few days ago, our scanner alerted that a site had malware related to the Blackhole Exploit Kit. The owner of the site said that…
Blacklist Warnings for Users of the Stream-Video-Player WordPress Plugin
If you are using the plugin stream-video-player, it might be a good idea to disable this plugin for now. The plugin loads a Flash player…
Malware Being Called From Your php.ini File
Is your site infected with malware, and you can’t find it anywhere? It might be a good idea to search outside of your web directory,…
The New (and Old) .htaccess Attacks – Now Using .in Domains
We have been talking about .htaccess redirections for a while. A site gets compromised and the attackers modify the .htaccess file(s) to redirect any search…
Htaccess Redirection to Sweepstakesandcontestsinfo dot com
Last week we started to see a large increase in the number of sites compromised with a .htaccess redirection to http://sweepstakesandcontestsinfo.com/nl-in.php?nnn=555. This domain has been…
Timthumb.php Mass Infection – Aftermath – Part I
If you use WordPress you’re probably aware of the mass infection caused by a vulnerability in the timthumb.php script, a photo manipulation script included in…
Evil backdoors – Part II
A few months ago we did a post about backdoors, explaining how they work and how to look for them. If you didn’t read it,…
Mass infections from jjghui.com/urchin.js (SQL injection)
We are seeing many sites compromised with malware from jjghui.com/urchin.js. Most of them are IIS/ASP sites and the infection method seems to be similar to…
Malware on /etc/mailquota
We are seeing an interesting trend lately. A site gets compromised and starts to distribute malware to its users. The webmaster (owner of the site)…
Malware Infections from rebotstat dot com
We are starting to share some of our research and view of web-based malware online: http://sucuri.net/global. The #1 infection we are seeing in the last…