SiteCheck Remote Website Scanner — Mid-Year 2024 Report
Kyle Knight Conducting an external website scan for indicators of compromise is one of the easiest ways to identify security issues. While remote website scanners may not…
Browsing Tag
Black Hat Tactics
333 posts
Attackers Abuse Swap File to Steal Credit Cards
Matt Morrow When it comes to website security, sometimes the most innocuous features can become powerful tools in the hands of attackers. Such was the case in…
New Variation of WordFence Evasion Malware
Ben Martin We recently came across an infected WordPress environment which contained a new variation of WordFence evasion malware using some sneaky tactics to conceal itself from…
Decoding the Caesar Cipher Skimmer
Over the last several weeks we’ve observed an interesting new variation of “gtag” credit card skimming attack with a surprisingly high number of detections so…
From Privacy to Exfiltration: Telegram’s Role in Website Malware
Krasimir Konov Telegram, a name synonymous with secure messaging, has paradoxically become a tool for cybercriminals who abuse the strengths of the platform to target unsuspecting websites.…
Mal.Metrica Redirects Users to Scam Sites
One of our analysts recently identified a new Mal.Metrica redirect scam on compromised websites, but one that requires a little bit of effort on the…
JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS
Denis Sinegubko Last August we documented a malware campaign that was injecting malicious JavaScript code into compromised WordPress sites to redirect site visitors to VexTrio domains. The…
Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS
Puja Srivastava We often write about malware that steals payment information from sites built with Magento and other types of e-commerce CMS. However, WordPress has become a…
Sign1 Malware: Analysis, Campaign History & Indicators of Compromise
A new client recently came to us reporting seemingly random pop ups occurring on their website. While it was clear that there was something amiss…
What is .htaccess Malware? (Detection, Symptoms & Prevention)
The .htaccess file is notorious for being targeted by attackers. Whether it’s using the file to hide malware, redirect search engines to other sites with…
New Malware Campaign Found Exploiting Stored XSS in Popup Builder < 4.2.3
In January, my colleague reported about a new Balada Injector campaign found exploiting a recent vulnerability in the widely-used Popup Builder WordPress plugin which was…