Conditional Malware Archives

Backdoor Shell Dropper Deploys CMS-Specific Malware

Krasimir Konov
October 6, 2020

A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized access to the site and…

Read the Post

Fake WordPress Plugin SiteSpeed Hosts Malicious Ads & Backdoors

Fake WordPress Plugin SiteSpeed Serves Malicious Ads & Backdoors

Krasimir Konov
July 16, 2020

Fake WordPress plugins appear to be trending as an effective way of establishing a foothold on compromised websites. During a recent investigation, we discovered a…

Read the Post

Phishing Campaign Targets Poste Italiane & SMS OTP Verification

Luke Leal
April 29, 2020

When creating phishing lures, attackers may cite recent major regulatory changes within the context of their social engineering scheme to confuse or further entice victims…

Read the Post

WordPress Redirect Hack via Test0.com/Default7.com

Obfuscated WordPress Malware Dropper

Luke Leal
April 21, 2020

It goes without saying that evasive maneuvering is at the top of a hacker’s priority list. Most often, they try to evade detection by obfuscating…

Read the Post

Assemble the Cookies

Luke Leal
March 25, 2020

When we investigate compromised websites, it’s not unusual to find malicious files that have been obfuscated through forms of encoding or encryption — however, these…

Read the Post

CloudFlare Workers Service Korean SEO Spam

Abused Cloudflare Workers Service Used to Inject Korean SEO Spam

Luke Leal
February 13, 2020

We were recently contacted by a website owner about some malicious injected spam links that were being indexed by Google’s search engine crawler Googlebot. What…

Read the Post

Hacked Website Threat Report – 2019

Rianna MacLeod
January 28, 2020

The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop…

Read the Post

Online Credit Card Theft - A Brief Overview of Online Fraud and Abuse

Fake French Police Sextortion Scam

Luke Leal
October 28, 2019

There has been a noted increase in the number of sextortion scams during 2019. These scam campaigns are commonly distributed through email, but any method…

Read the Post

Conditional redirection to an online pharmacy store

Moe O
March 28, 2019

During an investigation, a client reported some weird behavior from all incoming visits during their Google search engine result clicks are instantly redirected to an…

Read the Post

Hacked Website and Malware Trend Analysis for 2018

Website Security

Hacked Website Trend Report – 2018

Rianna MacLeod
March 4, 2019

We are proud to be releasing our latest Hacked Website Trend Report for 2018. This report is based on data collected and analyzed by the…

Read the Post

Fake Browser Updates Push Ransomware and Bank Malware

Denis Sinegubko
February 28, 2019

Recently we came across a malicious campaign injecting scripts that push fake browser updates onto site visitors. This is what a typical fake update request…

Read the Post