Massive 1800ForBail WordPress Hacks
Denis Sinegubko Sucuri malware analyst Kaushal Bhavsar recently brought our attention to a massive campaign responsible for adding either “1800ForBail” or “1800ForBail – One+Number” keywords to the…
Browsing Category
WordPress Security
666 posts
Plugins Under Attack: June 2019
John Castro A long-lasting malware campaign (1,2) targeting deprecated, vulnerable versions of plugins continues to be leveraged by attackers to inject malicious scripts into affected websites. As…
Spam Injector Masquerading as Google Analytics
Keith Petkus The domain en-google-analytic[.]com, currently sinkholed by a security intelligence company, has been observed by our team to be part of a mass spam injection campaign.…
Leveraging Stored Procedures for Nefarious Purposes
Bruno Zanelato Here at Sucuri, we clean thousands of websites on a daily basis, and while some of them are easy to solve, others may require more…
Hiding a Hacktool Using a .jpg Extension
Gabriel Barbosa Hackers will do anything to hide their intentions behind the files they upload to compromised websites. This time, we’ve found a hacktool hidden inside a…
Korean Gambling and Call Girl Spam on Hacked and Non-hacked Sites
This blog post talks about how a web spam campaign that targets only one country may create problems for sites owners around the world —…
OS Command Injection in WP-Database-Backup
Marc-Alexandre Montpas On May 28th, a critical OS Command Injection vulnerability affecting the WP-Database-Backup plugin was disclosed to the public by the Wordfence team. This is a…
WordPress Hacks: 5 Ways to Protect WordPress from Hacking
Dutch Hill WordPress is one of the most popular content management systems (CMS) out there. That’s why it is vital to prevent WordPress hacking. Statistically, over 33%…
Malware Campaign Evolves to Target New Plugins: May 2019
A long-lasting malware campaign targeting deprecated, vulnerable versions of plugins continues to be leveraged by attackers to inject malicious scripts into affected websites. Easily automated…
Return to the City of Cron – Malware Infections on Joomla and WordPress
Luke Leal We recently had a client that had a persistent malware infection on their shared hosting environment that would re-infect the files quickly after we had…
Threat intelligence gathering from slight changes in malicious code samples
We found the following PHP backdoor in August 2018 along with other malware samples uploaded after hackers exploit a specific vulnerable WordPress plugin covered in…