My Website Is Hosting a Phishing Page – Now What?
Sucuri Most phishing advice is written for the person staring at a suspicious email. This guide is for the other kind of victim: The website owner…
Browsing Tag
Malware Cleanup
78 posts
Joomla SEO Spam Injector: Obfuscated PHP Backdoor Hijacking Site Visitors
Puja Srivastava Overview During a recent malware cleanup investigation, we encountered a compromised Joomla website where the site owner reported a strange issue. Their website displayed a…
Web Shells: Types, Mitigation & Removal
Cesar Anjos Web shells are malicious scripts that give attackers persistent access to compromised web servers, enabling them to execute commands and control the server remotely. These…
Shadow Directories: A Unique Method to Hijack WordPress Permalinks
Last month, while working on a WordPress cleanup case, a customer reached out with a strange complaint: their website looked completely normal to them and…
Malware Intercepts Googlebot via IP-Verified Conditional Logic
Some attackers are increasingly moving away from simple redirects in favor of more “selective” methods of payload delivery. This approach filters out regular human visitors,…
WordPress Auto-Login Backdoor Disguised as JavaScript Data File
During a recent investigation, we discovered a sophisticated WordPress backdoor hidden in what appears to be a JavaScript data file. This malware automatically logs attackers…
Unauthorized Admin User Created via Disguised WordPress Plugin
Recently at Sucuri, we investigated a malware case reported by one of our clients. Their WordPress site was compromised, and the attacker had installed a…
7 Steps to Remove Malware from WordPress
Kyle Knight If you’ve ever had your website compromised by malware, you know the sheer panic it can cause. But don’t worry, you’re not alone. More importantly…
How to Fix Google Ads Disapproved Due to Malicious or Unwanted Software
Rianna MacLeod Were your Google Ads just disapproved after a website compromise? Or, are you seeing policy violations for malicious or unwanted software in your Google Ads…
Hacked Website Threat Report – 2022
Education is crucial in defending your website against emerging threats. That’s why we are thrilled to share our 2022 Website Threat Research Report. Disseminating this…
Attackers Abuse Cron Jobs to Reinfect Websites
Ben Martin Malicious cron jobs are nothing new; we’ve seen attackers use them quite frequently to reinfect websites. However, in recent months we’ve noticed a distinctive new…