Backdoor in Fake Joomla! Core Files
Fioravante Souza We usually write a lot about obfuscation methods on Sucuri Labs and here on the blog. Sometimes we write about free tools to obfuscate your…
Mobile conditional redirect hidden in the database
Krasimir Konov We recently found a website that was redirecting mobile users to a third-party site called chickenkiller .com, after further investigation we found that the malware was…
Hacked Website Report – 2016/Q1
Daniel Cid Our Remediation group is comprised of two distinct teams, the Incident Response Team (IRT) and Malware Research Team (MRT). These teams work closely with our…
Secure Coding: How to Account for Input Sanitization
Rodrigo Escobar On average, a website leverages around 18-20 different plugins in its structure. These plugins enhance the website’s functionality and in some instances extend the applications…
Domain Validation: SSL’s Other Job
Jon Watson SSL certificates are a hot topic today. Website owners are becoming increasingly aware that collecting information on non-HTTPS secured pages is a bad idea and…
New Wave of the Test0.com/Test5.xyz Redirect Hack
Denis Sinegubko Last week we described the hack that randomly redirected site visitors either to a parked test0 .com domain or to malicious sites via the default7 .com…
Finding Conditional Drupal Database Spam
Nobody likes spam. It’s never fun (unless you’re watching Monty Python). For us it comes with the territory; removing SEO spam has been at the…
Hiding Links Behind Punctuation Marks
In black hat SEO schemes, some links don’t have to have descriptive anchor keywords. For example, if their only purpose is help search engine crawlers…
Analyzing ImageTragick Exploits in the Wild
Three days ago the ImageMagic (also known as, ImageTragick) vulnerability was released to the world. We’ve been actively monitoring this vulnerability, and have discovered a…
Host’s Alternative Domain Names May Hide Malware
To make malicious injections look less suspicious, hackers like to use domains that look credible. It may be some typo domain like google-analystisc[.]com instead of…
WordPress Redirect Hack via Test0.com/Default7.com
Update 9/14/16: We released a new guide that provides better instructions on how to clean a hacked WordPress site using the Free WordPress security plugin.…