• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Malware Cleanup

Manually Identifying an X-Cart Credit Card Skimmer

May 5, 2022Liam Smith

Manually Identifying an X-Cart Credit Card Skimmer

During a recent investigation, a new client came to us reporting that their antivirus had detected a suspicious domain loading on their website’s checkout page. We regularly receive reports like these, as this is a telltale indicator of a credit card skimmer infection. Our research…

Read More about Manually Identifying an X-Cart Credit Card Skimmer

Malicious Magento User Creator

August 4, 2021Liam Smith

Examining Unique Magento Backdoors

During a recent investigation into a compromised Magento ecommerce environment, we discovered the presence of five different backdoors that would provide attackers with code execution capabilities. The techniques used by…

Read More about Examining Unique Magento Backdoors

Magento Credit Card Stealer Reinfector

July 7, 2021Ben Martin

Magecart Swiper Uses Unorthodox Concatenation

MageCart is the name given to the roughly one dozen groups of cyber criminals targeting e-commerce websites with the goal of stealing credit card numbers and selling them on the…

Read More about Magecart Swiper Uses Unorthodox Concatenation

WooCommerce Credit Card Swiper Hides in Plain Sight

May 28, 2021Ben Martin

WooCommerce Credit Card Skimmer Hides in Plain Sight

Recently, a client’s customers were receiving a warning from their anti-virus software when they navigated to the checkout page of the client’s ecommerce website. Antivirus software such as Kaspersky and…

Read More about WooCommerce Credit Card Skimmer Hides in Plain Sight

W97M/Downloader Malware Dropper Served from Compromised Websites

September 18, 2020Luke Leal

The Hidden PHP Malware that Reinfects Cleaned Files

Website reinfections are a serious problem for website owners, and it can often be difficult to determine the cause behind the reinfection — especially if you lack access to necessary…

Read More about The Hidden PHP Malware that Reinfects Cleaned Files

WordPress Vulnerability

September 2, 2020Antony Garand

Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites

Yesterday, the WordPress plugin File Manager was updated, fixing a critical vulnerability allowing any website visitor to gain complete access to the website. Users of our WAF were never vulnerable…

Read More about Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites

PinnacleCart Server-Side Skimmer & Backdoor

April 22, 2020Denis Sinegubko

PinnacleCart Server-Side Skimmers and Backdoors

While open-source ecommerce platforms are the most common targets for web skimmers, hackers also target paid-for software — especially if it’s used on high-profile online stores with large user-bases. This…

Read More about PinnacleCart Server-Side Skimmers and Backdoors

Hacked Website Threat Report 2019

January 28, 2020Rianna MacLeod

Hacked Website Threat Report – 2019

The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities…

Read More about Hacked Website Threat Report – 2019

January 17, 2020Luke Leal

Zen Cart “PayPal” Skimmer

While we mostly see skimmers on Magento based websites, this does not mean that less-popular ecommerce platforms are safe from infections with similar payment information stealing malware. Our security analyst…

Read More about Zen Cart “PayPal” Skimmer

Vulnerable Versions of Adminer as a Universal Infection Vector

November 9, 2019Denis Sinegubko

Vulnerable Versions of Adminer as a Universal Infection Vector

This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting scripts from scripts.trasnaltemyrecords[.]com into multiple…

Read More about Vulnerable Versions of Adminer as a Universal Infection Vector

Reset email account passwords after website infection

July 22, 2019Luke Leal

Reset Email Account Passwords after Website Infection: Follow Up

In a previous analysis of a malicious file, we demonstrated why you should always update your email account passwords after a security compromise. The information security threat landscape is always…

Read More about Reset Email Account Passwords after Website Infection: Follow Up

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2022 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.