Web3 Crypto Malware: Angel Drainer Overview, Variants & Stats
Denis Sinegubko Since January 2024, there has been a notable surge in attacks by a novel form of website malware targeting Web3 and cryptocurrency assets. This malware,…
Browsing Category
Website Malware Infections
860 posts
Remote Access Trojan (RAT): Types, Mitigation & Removal
Ben Martin Remote Access Trojans (RATs) are a serious threat capable of giving attackers control over infected systems. This malware stealthily enters systems (often disguised as legitimate…
New Guide: How to Protect Your Website from Phishing
Rianna MacLeod There are many threats that can harm your website and your users, but one of the most dangerous is phishing. Phishing is a method used…
Detecting & Mitigating an Office 365 Phishing Threat: “Greatness”
Krasimir Konov Emerging in 2022, a phishing tool known as Greatness has caught the attention of our research team due to its coordinated efforts to breach Microsoft…
The Dangers of Lateral Movement & Website Cross Contamination
One of the most frequent problems that we observe in website hosting environments is “cross contamination” — the lateral movement of an attacker between websites.…
How to Fix Google Ads Disapproved Due to Malicious or Unwanted Software
Were your Google Ads just disapproved after a website compromise? Or, are you seeing policy violations for malicious or unwanted software in your Google Ads…
Thousands of Sites with Popup Builder Compromised by Balada Injector
On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was…
MageCart WordPress Plugin Injects Malicious User & Credit Card Skimmer
One of our analysts recently found an interesting malicious plugin injected into a WordPress / WooCommerce ecommerce website which both creates and conceals a bogus…
Analysis of the Fake WordPress CVE-2023-46182 Patch Plugin & Phishing Campaign
On December 1, 2023, several security researchers reported about a new phishing campaign targeting WordPress administrators. WordPress sites owners had started receiving emails from WordPress.com…
40 New Domains of Magecart Veteran ATMZOW Found in Google Tag Manager
Hackers like Google Tag Manager: millions of sites use it, and they can inject custom scripts and HTML code via a script from the highly…
Skimming Credit Cards with WebSockets
If you were to believe shopping mall merchants, you’d think the holiday season starts immediately after Halloween. Christmas trees and candy canes abound, along with…