Website Security News
When we investigate compromised websites, it’s not unusual to find malicious files that have been obfuscated through forms of encoding or encryption — however, these are not the only methods that attackers use to obfuscate code. Obfuscation via Predefined PHP Variables Here’s an example of…
We were recently contacted by a website owner about some malicious injected spam links that were being indexed by Google’s search engine crawler Googlebot. What was especially frustrating for the…
Read More about Abused Cloudflare Workers Service Used to Inject Korean SEO Spam
The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities…
There has been a noted increase in the number of sextortion scams during 2019. These scam campaigns are commonly distributed through email, but any method of digital communication can be…
We are proud to be releasing our latest Hacked Website Trend Report for 2018. This report is based on data collected and analyzed by the GoDaddy Security / Sucuri team,…
Recently we came across a malicious campaign injecting scripts that push fake browser updates onto site visitors. This is what a typical fake update request looks like: Users see a…
Read More about Fake Browser Updates Push Ransomware and Bank Malware
The most effective phishing and malware campaigns usually employ one of the following two age-old social engineering techniques: Impersonation These online phishing campaigns impersonate a popular brand or product through…
Read More about Hackers Use Fake Google reCAPTCHA to Cloak Banking Malware
Here at Sucuri, we clean WordPress websites every day. There are various types of common malware, but when we stumble upon a different scenario, our research team likes to dig…
Read More about Spam Injector Disguised as License Key in WordPress Website
Every day we see different website infections. When we receive unusual or interesting cases, our researcher instincts are triggered to investigate the unusual website behavior in order to understand how…
Most websites today use cookies. Since May 25th, 2018, all websites that do business in the European Union (EU) had to make some changes to be compliant with the EU…
Read More about Cookie Consent Script Used to Distribute Malware
We handle an enormous number of SEO spam infections here at Sucuri. In Q3 of 2016, approximately 37% of all website infection cases were related to SEO spam campaigns through…
Read More about Malware Serving SEO Spam from External Sites
