Fake GIF Leveraged in Multi-Stage Reverse-Proxy Card Skimming Attack
Ben Martin In today’s post we’re going to review a sophisticated, multi-stage carding attack on a Magento eCommerce website. This malware leveraged a fake gif image file,…
Browsing Tag
Malware
210 posts
Fake Font Domain Used to Skim Credit Card Data
Kayleigh Martin Recently, a client of ours came to us concerned about credit card theft on their WordPress site. The client’s users reported that their credit card…
Hidden Malware Strikes Again: Mu-Plugins Under Attack
Puja Srivastava At Sucuri, our security researchers continually monitor for new malware variants and infection techniques targeting WordPress websites. Recently, we’ve uncovered multiple cases where threat actors…
Fake Cloudflare Verification Results in LummaStealer Trojan Infections
Today’s blog post will be a follow up to a previous article we posted a few weeks ago: We continue to see new variants of…
Credit Card Skimmer and Backdoor on WordPress E-commerce Site
The battle against e-commerce malware continues to intensify, with attackers deploying increasingly sophisticated tactics. In a recent case at Sucuri, a customer reported suspicious files…
Cascading Redirects: Unmasking a Multi-Site JavaScript Malware Campaign
During a recent website security investigation, we uncovered a malicious JavaScript injection affecting a WordPress website. The infection was responsible for redirecting visitors to unwanted…
Fake WordPress Plugin Impacts SEO by Injecting Casino Spam
Injecting malware via a fake WordPress plugin has been a common tactic of attackers for some time. This clever method is often used to bypass…
WordPress ClickFix Malware Causes Google Warnings and Infected Computers
Since December of last year there has been a new fake Google reCAPTCHA campaign making its way through the WordPress world. Very similar to malware…
When Spam Hides In Plain Sight
Matt Morrow We recently worked on an interesting case where Casino spam was visible in the page source, but couldn’t be located in any of the usual…
Hidden Backdoors Uncovered in WordPress Malware Investigation
At Sucuri, we often encounter cases where malware is deeply embedded in websites, hidden in files and scripts that can easily escape detection. In this…
Malware Redirects WordPress Traffic to Harmful Sites
Recently, a customer approached us after noticing their website was redirecting visitors to a suspicious URL. They suspected their site had been compromised and sought…