Continuing attacks against osCommerce: khcol.com
David Dede Busy week for osCommerce in terms of malware. First, the div_colors string, then, the CreateCSS string, and now, we are seeing thousands of osCommerce sites…
Browsing Category
Website Malware Infections
864 posts
LizaMoon Mass SQL injection (ur.php) – Updates
There has been a lot of talk for the last few days about a mass sql injection targeting IIS/ASP.net sites. Those attacks has been going…
Database injection, lessthenaminutehandle.com and more updates
We posted a few weeks ago about a large scale database injection attack affecting WordPress on shared hosts. The infected sites got the following javascript…
The “div_colors” Malware Update
We are still seeing a big growth in the number of sites infected with the div_colors malware string. In fact, the osCommerce forums are full…
Malware week: The div_colors, CreateCSS and others
We are starting to see an interesting trend regarding how the latest web-based malware is being distributed. Instead of heavily encoding the malicious code on…
Database injection and lessthenaminutehandle.com – Intermediary domains
We posted a few days ago about a large scale database injection attack affecting shared hosts. The infected sites got the following javascript malware inserted…
Attacks against IIS/ASP sites – alisa-carter dot com
Over the last few days, we’ve seen a number of sites getting hacked with a malware script pointing to http://alisa-carter.com/ur.php . It is done using…
Database injection, Hilary Kneber and lessthenaminutehandle dot com
We posted a few weeks ago about a database injection attack that infected thousands of WordPress blogs on shared hosts. At that time, the attackers…
Solution for the link injection spam from basicpills
We recently posted about a large scale blackhat SEO campaign by basicpills that infected thousands of WordPress sites over the last few weeks. A lot…
Link injection, basicpills dot com and Blackhat SEO spam
For the last few weeks we’ve been tracking a very large blackhat SEO spam campaign initiated by basicpills.com, generic-ed-pharmacy.com, getrxpills.com and a few other domains…
Malware week – 0133.0331.0242.0033, javadisplay and more
Very busy week in terms of malware. First Hilary Kneber decided to make a come back, inlovebot.com and crazymasya.com reinfected a lot of sites, and…