• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Malvertising

Fake WordPress Plugin SiteSpeed Hosts Malicious Ads & Backdoors

July 16, 2020Krasimir Konov

Fake WordPress Plugin SiteSpeed Serves Malicious Ads & Backdoors

Fake WordPress plugins appear to be trending as an effective way of establishing a foothold on compromised websites. During a recent investigation, we discovered a fake component which was masquerading as a legitimate plugin. Named SiteSpeed, it contained a lot of interesting malicious capabilities. Unwanted…

Read More about Fake WordPress Plugin SiteSpeed Serves Malicious Ads & Backdoors

Malicious Activities with Google Tag Manager

April 17, 2018Cesar Anjos

Malicious Activities with Google Tag Manager

If I were to ask if you could trust a script from Google that is loading on your website, the majority of users would say “yes” or even “absolutely”. But…

Read More about Malicious Activities with Google Tag Manager

Javascript Injection Creates Rogue WordPress User

December 14, 2017Douglas Santos

Javascript Injection Creates Rogue WordPress Admin User

Earlier this year, we faced a growing volume of infections related to a vulnerability in outdated versions of the Newspaper and Newsmag themes. The infection type was always the same:…

Read More about Javascript Injection Creates Rogue WordPress Admin User

June 20, 2017Fernando Barbosa

Unwanted “Shorte St” Ads in Unpatched Newspaper Theme

Unwanted ads are one of the most common problems that site owners ask us to solve. Recently, we’ve noticed quite a few requests to remove intrusive “shorte st” ads that…

Read More about Unwanted “Shorte St” Ads in Unpatched Newspaper Theme

Labs Note

May 10, 2017Abdelli Nassereddine

Tricky malvertising injections

When a website is compromised, one of the most interesting and challenging tasks we perform is identifying all malware to prevent attackers from regaining access to the resource. They may…

Read More about Tricky malvertising injections

March 6, 2017Cesar Anjos

vBulletin Used to Show Malicious Advertisements

In the past, we have seen a massive amount of vBulletin websites compromised through the VBSeo Vulnerability. Attackers have been infecting vBulletin websites since 2012 with this malware, and more…

Read More about vBulletin Used to Show Malicious Advertisements

February 17, 2017Rodrigo Escobar

WordPress Security – Fake TrafficAnalytics Website Infection

Several months ago, our research team identified a fake analytics infection, known as RealStatistics. The malicious Javascript injection looks a lot like tracking code for a legitimate analytics service. RealStatistics…

Read More about WordPress Security – Fake TrafficAnalytics Website Infection

January 10, 2017Denis Sinegubko

Injection of Unwanted Google AdSense Ads

During the last couple of years, it has become quite prevalent for hackers to monetize compromised sites by injecting unwanted ads. They can be pop-up ads triggered when a visitor…

Read More about Injection of Unwanted Google AdSense Ads

January 2, 2017Cesar Anjos

Website Malware Targets Mobile Platforms

Navigating the web on a mobile device can be tricky even when you’re browsing clean sites. If hackers are involved, the frustration of a pop-up can turn into the dangerous…

Read More about Website Malware Targets Mobile Platforms

cloned sites file.php infection

November 15, 2016Fernando Barbosa

Cloned Spam Sites in Subdirectories

In a recent post, we covered how attackers were abusing server resources to create WordPress sites in subdirectories and distribute spam. By adding a complete WordPress CMS installation into a…

Read More about Cloned Spam Sites in Subdirectories

June 29, 2016Douglas Santos

200k+ Parked/Expired Domains Used to Distribute Malicious Ads

Recently we wrote about domain renewal scams that used real paper letters to tricks site owners into transferring their domains and renewing them for 3-4x the normal price. However, this…

Read More about 200k+ Parked/Expired Domains Used to Distribute Malicious Ads

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2021 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.