Skimmers and Phishing
Denis Sinegubko Recently, we shared a post about a network of domains used in a JavaScript credit card stealing malware campaign. These domains are all hosted on…
Browsing Category
Website Security
1024 posts
How to Create a Website Maintenance Plan & Contract
Victor Santoyo In my years of experience working alongside agencies, I’ve realized that managed providers and other web pros who offer website maintenance to their clients, have…
Troldesh Ransomware Dropper
Luke Leal Over the past few weeks, we’ve seen an increase in Troldesh ransomware using compromised websites as intermediary malware distributors. The malware often uses a PHP…
Hydro-Quebec phishing
We have found an interesting phishing kit containing numerous phishing pages which target large, popular brands like Amazon and Paypal. What was interesting about this…
Magento Skimmers: From Atob to Alibaba
Last year we saw a fairly massive Magento malware campaign that injected credit card stealing code similar to this: It uses the JavaScript atob function…
Autoloaded Server-Side Swiper
Front-end JavaScript-based credit card stealing malware has garnered a lot of attention within the security community. This makes sense, since the “swipers” can be easily…
User adder backdoor
Cesar Anjos As we’ve seen many times before, there are a variety of backdoors that can be planted on a website. Post-compromise, it’s almost mandatory to review…
Malicious Plugin Used to Encrypt WordPress Posts
Krasimir Konov During a recent cleanup, we found an interesting malicious WordPress plugin, “WP Security”, that was being used to encrypt blog post content. The website owner…
EE wireless provider phishing malware
A large number of phishing targets include popular services such as banks, payment providers, and email services. In this type of attack, fraudsters create fake…
Neapolitan Backdoor Injection
Ben Martin Most of us are familiar with Neapolitan ice cream: a flavour whose distinguishing characteristic is not one single flavour but several. Many also know it…
New variant of “trollherten” malware
We continue to see new variations of obfuscation used to hide a PHP backdoor that began to be heavily used by malicious users in late…