Massive Google Colaboratory Abuse: Gambling and Subscription Scam
Denis Sinegubko This investigation started with a small and quite simple piece of PHP malware found on a hacked website. We located the following PHP code, responsible…
Browsing Category
Website Malware Infections
840 posts
Malicious Injection Redirects Traffic via Parked Domain
Puja Srivastava During a recent investigation, our malware remediation team encountered a variant of a common malware injection that has been active since at least 2017. The…
Spamdexing: What is SEO Spam & How to Remove It
Rianna MacLeod Ever had an uninvited guest crash your party, resulting in chaos, confusion, and some unhappy visitors? Well, SEO spam is that party crasher — just…
Remote Code Execution Backdoor Uses Unicode Obfuscation & Non-Standard File Extensions
Ben Martin Readers of this blog will know that attackers are constantly finding new ways to hide their malware and avoid detection; after all, that’s what good…
Website Hacktools: Types, Threats & Detection
When we think about website malware, visible infection symptoms most often come to mind: unwanted ads or pop-ups, redirects to third party sites, or spam…
What Is a Keylogger?
Welcome to the world of keyloggers, where every keystroke you make may be watched, recorded, and potentially used against you! Now that we’ve got your…
Vulnerability in Essential Addons for Elementor Leads to Mass Infection
On May 11th, 2023, the very popular WordPress plugin Essential Addons for Elementor released a patch for a critical privilege escalation vulnerability, initially discovered by…
Websites Defaced with Belarusian Bottled Water Company Content
It’s not often that we get the opportunity to write about website defacements on this blog. Defacements — where a website homepage is replaced with…
Xjquery Wave of WordPress SocGholish Injections
In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish…
What is Steganography? (Or, How Hackers Hide Malware On Websites)
As a child, I loved sending secret messages to my friends using invisible ink. A quick squeeze of lemon juice was all I needed to…
Massive Abuse of Abandoned Eval PHP WordPress Plugin
Attackers are always finding new and creative ways to compromise websites and maintain their foothold in environments. This is frequently done via the use of…