Server-level Cryptominer Injections
Cesar Anjos During an investigation on a recent case, we came across a malware infection that came directly from the server. Upon further inspection, we found that…
Browsing Category
Website Security
1031 posts
Naive CoinHive Injections
Denis Sinegubko Since CoinHive domain made it into many blacklists, attackers began avoiding linking to the hosted library file https://coinhive .com/lib/coinhive.min.js. Instead, they uploaded this file to…
Using Google and Facebook to aid on distribution
Fioravante Souza Every now and then I check my spam mail box for interesting malware (yes, I receive a lot of phishing messages and alerts that my…
Backdoor using paste site to host payload
Bruno Zanelato Over the last months, we’ve been talking a lot about new ways to decode complex malwares that involve the usual PHP functions like eval, create_function,…
IPv6 address in malicious Javascript redirect
Luke Leal We recently came across a file that shows an interesting case with a Javascript malicious code injection in a website’s custom script file, though it’s…
Formidable Forms / Shortcodes Ultimate Exploits In The Wild
Marc-Alexandre Montpas On Monday, November 20th, we were notified about a vulnerability that poses a serious security risk when the Shortcodes Ultimate and Formidable Forms plugins are…
Fake jQuery and Google Analytics Hide Yet Another Cryptominer
This is a quick posts about yet another quite massive attack that installs CoinHive JavaScript Monero miners on compromised websites. You might have already read…
Why Attackers Hack Small Sites
Pilar Garcia You would never leave the front door to your house wide open when you’re not home would you? Doing so would allow criminals to seize…
Books SEO Spam
Fernando Barbosa We already discussed in our blog some cases where the attacker uploaded a full ready-to-use website in order to promote their products and services. This…
Hacked Websites Mine Cryptocurrencies
Cryptocurrencies are all the rage now. Bitcoin, altcoins, blockchain, ICO, mining farms, skyrocketing exchange rates – you see or hear this every day in the…
Soccer spam. Really?
In the last few months, we’ve covered several cases of SEO Spam in our labs and blog that were promoting products and services ranging from…