Website Security News
We often find various fake WordPress plugins installed by hackers during website cleanups. Recently, we’ve noticed a new wave of infections that install fake plugins with backdoor functionality. Malicious Plugins Sourced from UpdraftPlus Attackers have been using different names for these fake plugins, including initiatorseo…
When cleaning websites, we regularly find phishing pages, malicious code injected into files, and SEO spam. However, over the past couple of months we’ve also noticed a considerable increase in…
Read More about Cryptominers & Backdoors Found in Fake Plugins
There’s no doubt that the ubiquitous “forgot your password?” feature has helped many users who’ve misplaced their password or otherwise forgotten it, however—the tradeoff is that it can result in…
It’s common for malware to be encoded to hide itself—or its true intentions—but have you ever given thought to what lengths attackers will go to hide their malicious code? In…
Once an attacker manages to hack and gain access to a target site or system, they typically work hard to maintain their access—as long as it can to help them…
Single sign-on (SSO) allows users to sign into a single account (e.g Google) and access other services like YouTube or Gmail without authenticating with a separate username and password. This…
Read More about Fake SSO Used In Multi-Email Provider Phishing
In the past four months, Sucuri has seen an increase in the number of plugins affected by the misuse of WordPress’ update_option() function. This function is used to update a…
Read More about Misuse of WordPress update_option() function Leads to Website Infections
Before we get into the details of “Cryptocurrency Mining Malware”, we need to understand first what cryptocurrency is and what miners are. What is Cryptocurrency? Cryptocurrency is best thought of…
These days, we consider a malware campaign massive if it affects a couple thousand websites. However, back in the day when Sucuri first started its operations, the scale of infections…
Read More about TimThumb Attacks: The Scale of Legacy Malware Infections
A hack or cyber attack is the act of maliciously entering, taking control over, or manipulating by force a web application, server, or file that belongs to someone else. Cyber…
Read More about What Hackers Do after Gaining Access to a Website
Over the past few weeks, we’ve seen an increase in Troldesh ransomware using compromised websites as intermediary malware distributors. The malware often uses a PHP file that acts as a…
