New wave of wp-vcd Malware
Krasimir Konov Recently we saw a new wave of a known malware that injects malicious WordPress admin users to vulnerable or compromised sites.The malware, well analysed by…
Browsing Category
WordPress Security
652 posts
New WordPress Security Guide
Rianna MacLeod WordPress has become the most popular CMS and now powers over 28% of the web. With over 60 million downloads, its popularity makes it a…
Cryptominers on Hacked Sites – Part 2
Denis Sinegubko Last month we wrote about how the emergence of website cryptocurrency miners resulted in hackers abusing the technology by injecting the CoinHive miners into compromised…
Attackers leveraging WP Maintenance plugin to deface websites
Bruno Zanelato Recently, during a website investigation, we detected that attackers have been modifying the database structure of WP Maintenance plugin (which is a very popular wordpress…
Fake Plugins, Fake Security
Peter Gramantik Update: The plugin name is fake and has nothing to do with the well-known WP-SpamShield plugin in the official WordPress plugin repository. WordPress users are…
Stored Cross-Site Scripting Vulnerability in WordPress 4.8.1
Rodolfo Assis Update 11/03/2017: Read all about vulnerabilities and best practices to secure your website in our newly WordPress Security Guide today! During regular research audits for…
Simple self updating hacktool
Pedro Peixoto While working on a compromised website, it’s very common to encounter hacktools. Those are like the attackers’ swiss knife, allowing them to perform several tasks…
Old Themes, Abandoned Scripts and Pitfalls of Cleaning Serialized Data
Over the summer, we’ve seen waves of WordPress database infections that use vulnerabilities in tagDiv’s Newspaper/Newsmag themes or InterconnectIT Search and Replace scripts (searchreplacedb2.php). The…
SEO spam loading from external site
Many websites get compromised and used for SEO in order to drive traffic to other websites that would usually be ranked very low or completely…
Evil Self-Regenerating WordPress Administrator User
Andrey Kucherov Attackers often aim to conceal their presence using different methods, such as injecting redirect scripts, creating spam pages, or hiding a mailer in checkout pages…
Expired Domain Leads to WordPress Plugin Redirects
A malicious redirect is a snippet of code used by attackers with the intention of redirecting visitors to another site; a very common tactic seen…