Website Security News
Last week, we described how an ongoing massive malware campaign began using Baidu search result links to redirect people to various ad and scam pages. It didn’t last long. Soon after the publication of that article, the bad actors changed the links to use compromised…
Recently, I analyzed a malware sample provided by our analyst Edward C. Woelke and noticed that it had been placed in a core WordPress folder. This seemed suspicious, since no…
A few months ago, we covered two injections related to the “cloudflare.solutions” malware: a CoinHive cryptominer hidden within fake Google Analytics and jQuery, and the WordPress keylogger from Cloudflare[.]solutions. This…
Read More about Cloudflare[.]solutions Keylogger Returns on New Domains
Recently we wrote about how GitHub/GitHub.io was used in attacks that injected cryptocurrency miners into compromised websites. Around the same time, we noticed another attack that also used GitHub for…
Read More about Malicious Website Cryptominers from GitHub. Part 2.
Update Dec. 8 2017: The cloudflare[.]solutions domain has now been taken down. A few weeks ago, we wrote about a massive WordPress infection that injected an obfuscated script pretending to be…
Read More about Cloudflare[.]Solutions Keylogger on Thousands of Infected WordPress Sites
Last month we wrote about how the emergence of website cryptocurrency miners resulted in hackers abusing the technology by injecting the CoinHive miners into compromised sites without the consent of…
Over the summer, we’ve seen waves of WordPress database infections that use vulnerabilities in tagDiv’s Newspaper/Newsmag themes or InterconnectIT Search and Replace scripts (searchreplacedb2.php). The injections range from ad scripts…
Read More about Old Themes, Abandoned Scripts and Pitfalls of Cleaning Serialized Data
Hackers are constantly scanning the internet for exploitable sites, which is why even small, new sites should be fully patched and protected. At the same time, it is not feasible…
Read More about Mining Adminers – Hackers Scan the Internet For DB Scripts
This month, our Malware Research and Incident Response teams wrote about redirects that deliver malware and ads to visitors, as well as a backdoor method that attempts to hide from…
Sucuri Labs provides website malware research updates directly from our teams on the front line. You can read past-monthly recaps to catch up on trends we look at every month….
This month, our Malware Research and Incident Response teams wrote about several malware techniques that attempt to evade detection by focusing on small changes that website owners might miss. Examples…
