Magento Phishing Leverages JavaScript For Exfiltration
Luke Leal During a recent investigation, a Magento admin login phishing page was found on a compromised website using the file name wp-order.php. This is an odd…
Browsing Category
Website Security
1012 posts
Redirects to YouTube Defacement Channel
During a recent investigation, we found an infected website was redirecting to YouTube after its main index.php file had been modified to include the following…
Opening the Conversation about Website Security
Stephen Johnston The responsibility of ensuring that a website is protected falls on the website owner, but the security expectation may fall on the web service provider…
Backdoor Shell Dropper Deploys CMS-Specific Malware
Krasimir Konov A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized access to the site and…
GFX Xsender Hack Tool: A Spam Mailer
PHP hack tools are created and used by attackers to help automate frequent or tedious tasks. During a recent investigation, we came across a hack…
Malicious Pop-up Redirects Baidu Traffic
Malicious pop-ups and redirects have become two extremely common techniques used by attackers to drive traffic wherever they want. \ During a recent investigation, we…
Backdoor Obfuscation: tempnam & URL Encoding
In an attempt to avoid detection, attackers and malware authors are always experimenting with different methods to obfuscate their malicious code. During a recent investigation,…
Magento Credit Card Stealing Malware: gstaticapi
Our team recently came across a malicious script used on a Magento website titled gstaticapi, which targeted checkout processes to capture and exfiltrate stolen information.…
Malicious One-Liner Using Hastebin
Short scripts that deliver malware to a website are nothing new, but during a recent investigation we found a script using hastebin[.]com, which is a…
Phishing Page Targets AT&T’s Employee Multi-Factor Authentication
Employees at companies of all sizes can be targets of phishing attacks, but certain corporations or industries can be more valuable to an attacker than…
The Hidden PHP Malware that Reinfects Cleaned Files
Website reinfections are a serious problem for website owners, and it can often be difficult to determine the cause behind the reinfection — especially if…