Compromised OpenCart Payment Module Steals Credit Card Information
Ben Martin Today’s story starts much the same as many others on this blog: A new client came to us reporting that credit card details were being…
Browsing Category
Website Malware Infections
854 posts
From Google DNS to Tech Support Scam Sites: Unmasking the Malware Trail
Denis Sinegubko A vast majority of website malware employ the ever-familiar HTTP/HTTPS protocols for its malicious activities. But, we also periodically confront more interesting hybrid malware leveraging…
SiteCheck Remote Website Scanner — Mid-Year 2023 Report
Conducting an external website scan for indicators of compromise is one of the easiest ways to identify security issues. While remote scanners may not provide…
Massive Google Colaboratory Abuse: Gambling and Subscription Scam
This investigation started with a small and quite simple piece of PHP malware found on a hacked website. We located the following PHP code, responsible…
Malicious Injection Redirects Traffic via Parked Domain
Puja Srivastava During a recent investigation, our malware remediation team encountered a variant of a common malware injection that has been active since at least 2017. The…
Spamdexing: What is SEO Spam & How to Remove It
Rianna MacLeod Ever had an uninvited guest crash your party, resulting in chaos, confusion, and some unhappy visitors? Well, SEO spam is that party crasher — just…
Remote Code Execution Backdoor Uses Unicode Obfuscation & Non-Standard File Extensions
Readers of this blog will know that attackers are constantly finding new ways to hide their malware and avoid detection; after all, that’s what good…
Website Hacktools: Types, Threats & Detection
When we think about website malware, visible infection symptoms most often come to mind: unwanted ads or pop-ups, redirects to third party sites, or spam…
What Is a Keylogger?
Welcome to the world of keyloggers, where every keystroke you make may be watched, recorded, and potentially used against you! Now that we’ve got your…
Vulnerability in Essential Addons for Elementor Leads to Mass Infection
On May 11th, 2023, the very popular WordPress plugin Essential Addons for Elementor released a patch for a critical privilege escalation vulnerability, initially discovered by…
Websites Defaced with Belarusian Bottled Water Company Content
It’s not often that we get the opportunity to write about website defacements on this blog. Defacements — where a website homepage is replaced with…