OneTone Vulnerability Leads to JavaScript Cookie Hijacking
Luke Leal A vulnerability in the discontinued WordPress theme OneTone has been added to an ongoing campaign that is targeting vulnerable WordPress websites and causes malicious redirects…
What is online gambling spam and what can I do about it?
Art Martori When it comes to online gambling spam, first think about fantasies of fame and fortune. Who hasn’t imagined defying the odds at an exotic casino?…
Analysis of a WordPress Credit Card Swiper
Ben Martin While working on a recent case, I found something on a WordPress website that is not as common as on Magento environments: A credit card…
Spl_autoload Backdoor
Denis Sinegubko With backdoors, one of the main challenges for malware authors is to execute code without using obvious functions (such as eval, asset, create_function, etc.) that…
Top 10 Hacks & Attacks from 2019
Last year was a busy one in the world of website security. Our 2019 Threat Research Report shows that over 60% of websites we cleaned…
Phishing with a COVID-19 Lure
It’s not uncommon to see criminals use disasters or current events to enhance their social engineering tactics, and the recent COVID-19 pandemic is no different.…
Analyzing & Decrypting L4NC34’s Simple Ransomware
Cesar Anjos We’re constantly seeing news about computers being infected by ransomware, but very little do we hear about it affecting websites. That being said, the impact…
Fake License.txt File Loaded Through PHP Include
Our team recently found a malicious injection located within a PHP include. The redirect occurs via the include function, which includes a file inconspicuously named…
Face Mask Spam Links Injected in WordPress Database
During a recent malware removal request, we found a compromised WordPress site being used to redirect to spam websites. The campaign was leveraging an increase…
How to Find & Fix the Japanese Keyword Hack
If you’re wondering how to find and fix the Japanese keyword hack, get started by identifying a real-life example. First, open Google Translate, and then…
Multi-Step Phishing Kit Targeting Credit Union
Phishing attacks can come in all shapes and sizes. Posing a serious threat to industries large and small, phishing campaigns are the fraudulent attempt to…