• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Conditional Malware

Labs Note

October 6, 2020Krasimir Konov

Backdoor Shell Dropper Deploys CMS-Specific Malware

A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized access to the site and execute whatever commands they want. Another common scenario includes malware which is directly injected into a website’s files and used…

Read More about Backdoor Shell Dropper Deploys CMS-Specific Malware

Fake WordPress Plugin SiteSpeed Hosts Malicious Ads & Backdoors

July 16, 2020Krasimir Konov

Fake WordPress Plugin SiteSpeed Serves Malicious Ads & Backdoors

Fake WordPress plugins appear to be trending as an effective way of establishing a foothold on compromised websites. During a recent investigation, we discovered a fake component which was masquerading…

Read More about Fake WordPress Plugin SiteSpeed Serves Malicious Ads & Backdoors

Poste Italiane Phishing

April 29, 2020Luke Leal

Phishing Campaign Targets Poste Italiane & SMS OTP Verification

When creating phishing lures, attackers may cite recent major regulatory changes within the context of their social engineering scheme to confuse or further entice victims into clicking a link or…

Read More about Phishing Campaign Targets Poste Italiane & SMS OTP Verification

WordPress Redirect Hack via Test0.com/Default7.com

April 21, 2020Luke Leal

Obfuscated WordPress Malware Dropper

It goes without saying that evasive maneuvering is at the top of a hacker’s priority list. Most often, they try to evade detection by obfuscating their malicious code to make…

Read More about Obfuscated WordPress Malware Dropper

March 25, 2020Luke Leal

Assemble the Cookies

When we investigate compromised websites, it’s not unusual to find malicious files that have been obfuscated through forms of encoding or encryption — however, these are not the only methods…

Read More about Assemble the Cookies

CloudFlare Workers Service Korean SEO Spam

February 13, 2020Luke Leal

Abused Cloudflare Workers Service Used to Inject Korean SEO Spam

We were recently contacted by a website owner about some malicious injected spam links that were being indexed by Google’s search engine crawler Googlebot. What was especially frustrating for the…

Read More about Abused Cloudflare Workers Service Used to Inject Korean SEO Spam

Hacked Website Threat Report 2019

January 28, 2020Rianna MacLeod

Hacked Website Threat Report – 2019

The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities…

Read More about Hacked Website Threat Report – 2019

Online Credit Card Theft - A Brief Overview of Online Fraud and Abuse

October 28, 2019Luke Leal

Fake French Police Sextortion Scam

There has been a noted increase in the number of sextortion scams during 2019. These scam campaigns are commonly distributed through email, but any method of digital communication can be…

Read More about Fake French Police Sextortion Scam

Labs Note

March 28, 2019Moe O

Conditional redirection to an online pharmacy store

During an investigation, a client reported some weird behavior from all incoming visits during their Google search engine result clicks are instantly redirected to an online pharmacy store. This occurred…

Read More about Conditional redirection to an online pharmacy store

Hacked Website and Malware Trend Analysis for 2018

March 4, 2019Rianna MacLeod

Hacked Website Trend Report – 2018

We are proud to be releasing our latest Hacked Website Trend Report for 2018. This report is based on data collected and analyzed by the GoDaddy Security / Sucuri team,…

Read More about Hacked Website Trend Report – 2018

Fake Browser Updates Push Ransomware and Bank Malware

February 28, 2019Denis Sinegubko

Fake Browser Updates Push Ransomware and Bank Malware

Recently we came across a malicious campaign injecting scripts that push fake browser updates onto site visitors. This is what a typical fake update request looks like: Users see a…

Read More about Fake Browser Updates Push Ransomware and Bank Malware

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2022 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.