Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
  • Immediate Help
Login
Login

New Customer?

Sign up now.
  • Submit a ticket
  • Knowledge base
  • Chat now

Browsing Tag

Obfuscation

112 posts
The risks of nulled WordPress plugins
  • Website Malware Infections
  • WordPress Security

The Security Risks of Using Nulled WordPress Plugins

  • Kyle Knight
  • August 16, 2024
The prospect of obtaining premium features without spending a dime is tempting. Nulled WordPress plugins and themes, often being advertised as the no cost versions…
Read the Post
  • Website Malware Infections
  • WordPress Security

Thousands of Sites with Popup Builder Compromised by Balada Injector

  • Denis Sinegubko
  • January 10, 2024
On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was…
Read the Post
MageCart WordPress Plugin
  • Ecommerce Security
  • Website Malware Infections
  • WordPress Security

MageCart WordPress Plugin Injects Malicious User & Credit Card Skimmer

  • Ben Martin
  • December 21, 2023
One of our analysts recently found an interesting malicious plugin injected into a WordPress / WooCommerce ecommerce website which both creates and conceals a bogus…
Read the Post
40 New Domains of Magecart Veteran ATMZOW Found in Google Tag Manager
  • Ecommerce Security
  • Magento Security
  • Website Malware Infections
  • Website Security

40 New Domains of Magecart Veteran ATMZOW Found in Google Tag Manager

  • Denis Sinegubko
  • December 7, 2023
Hackers like Google Tag Manager: millions of sites use it, and they can inject custom scripts and HTML code via a script from the highly…
Read the Post
Credit Card Skimming WooCommerce WebSockets
  • Ecommerce Security
  • Website Malware Infections

Skimming Credit Cards with WebSockets

  • Ben Martin
  • November 30, 2023
If you were to believe shopping mall merchants, you’d think the holiday season starts immediately after Halloween. Christmas trees and candy canes abound, along with…
Read the Post
Malware hidden in non-executable .txt and .log files
  • Website Malware Infections
  • Website Security

Shifting Malware Tactics & Use of Non-Executable .txt & .log Files

  • Krasimir Konov
  • October 17, 2023
The malware landscape is constantly evolving — and bad actors are always devising new techniques to evade detection. Our analysts most commonly find website malware…
Read the Post
Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins
  • Website Malware Infections
  • WordPress Security

Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins

  • Denis Sinegubko
  • October 6, 2023
In the middle of September 2023, vulnerability advisory resources disclosed the details of an Unauthenticated Stored XSS vulnerability in the tagDiv Composer (the companion plugin…
Read the Post
Magecart stealing credit card information with a single white invisible pixel
  • Ecommerce Security
  • Magento Security
  • Website Malware Infections

Decoding Magecart: Credit Card Skimmers Concealed Through Pixels & Images

  • Ben Martin
  • September 12, 2023
MageCart infections most often come in the form of complex, obfuscated JavaScript injected into Magento database tables such as core_config_data, or as malicious plugins or…
Read the Post
Bogus URL Shorteners Go Mobile-Only in AdSense fraud campaign
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

Bogus URL Shorteners Go Mobile-Only in AdSense Fraud Campaign

  • Denis Sinegubko
  • September 5, 2023
Since September 2022, our team has been tracking a bogus URL shortener redirect campaign that started with just a single domain: ois[.]is. By the beginning…
Read the Post
Remote Code Execution Backdoor Uses Unicode Obfuscation and Non-Standard File Extensions
  • Website Malware Infections
  • Website Security
  • WordPress Security

Remote Code Execution Backdoor Uses Unicode Obfuscation & Non-Standard File Extensions

  • Ben Martin
  • June 22, 2023
Readers of this blog will know that attackers are constantly finding new ways to hide their malware and avoid detection; after all, that’s what good…
Read the Post
Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign
  • Website Malware Infections
  • Website Security
  • WordPress Security

Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign

  • Denis Sinegubko
  • April 6, 2023
Our team at Sucuri has been tracking a massive WordPress infection campaign since 2017 — but up until recently never bothered to give it a…
Read the Post
Search
Sucuri Sidebar Malware Removal to Signup Page
Sucuri Logo

Let’s Connect

Products
Website Firewall Website Security Platform WordPress Security Website Backups Hack Assistance Pricing
Solutions
DDoS Protection Malware Detection Malware Removal Malware Prevention Blacklist Removal SEO Spam Removal
USE CASES
Developers Ecommerce Agency Plans Enterprise Services HTTPS/2 Virtual Patching
Support
Knowledge Base SiteCheck Guides Research Labs Report Abuse Status Report
Company
About Sucuri Contact Blog Referral Partners Testimonials
Terms of Use Privacy Policy Do Not Sell My Personal Information Frequently Asked Questions

© 2025 GoDaddy Mediatemple, Inc., d/b/a Sucuri. All rights reserved.

back to top

'