• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
  • Immediate Help
  • Login
  • Languages
    • English
    • Spanish
    • Portuguese

Obfuscation

Baidu to Google Redirects

April 18, 2018Denis Sinegubko

From Baidu to Google’s Open Redirects

Last week, we described how an ongoing massive malware campaign began using Baidu search result links to redirect people to various ad and scam pages. It didn’t last long. Soon after the publication of that article, the bad actors changed the links to use compromised…

Read More about From Baidu to Google’s Open Redirects

Unwanted Ads via Baidu Links

April 10, 2018Denis Sinegubko

Unwanted Ads via Baidu Links

The malware attack that began as an installation of malicious Injectbody/Injectscr WordPress plugins back in February has evolved since then. Some of the changes were documented as updates at the bottom…

Read More about Unwanted Ads via Baidu Links

Obfuscation through legitimate appearances.

April 4, 2018Peter Gramantik

Obfuscation Through Legitimate Appearances

Recently, I analyzed a malware sample provided by our analyst Edward C. Woelke and noticed that it had been placed in a core WordPress folder. This seemed suspicious, since no…

Read More about Obfuscation Through Legitimate Appearances

keylogger returns on new domains

January 24, 2018Denis Sinegubko

Cloudflare[.]solutions Keylogger Returns on New Domains

A few months ago, we covered two injections related to the “cloudflare.solutions” malware: a CoinHive cryptominer hidden within fake Google Analytics and jQuery, and the WordPress keylogger from Cloudflare[.]solutions. This…

Read More about Cloudflare[.]solutions Keylogger Returns on New Domains

hacked website mine cryptocurrencies blog header

September 22, 2017Denis Sinegubko

Hacked Websites Mine Cryptocurrencies

Cryptocurrencies are all the rage now. Bitcoin, altcoins, blockchain, ICO, mining farms, skyrocketing exchange rates – you see or hear this every day in the news now. Everyone seems to…

Read More about Hacked Websites Mine Cryptocurrencies

August 15, 2017Rodrigo Escobar

Decoding Complex Malware – Step-by-Step

When cleaning websites, one of the most complicated parts of our job is ensuring we find all backdoors. Most of the time, attackers inject code into different locations to increase…

Read More about Decoding Complex Malware – Step-by-Step

July 26, 2017Denis Sinegubko

Register My Backdoor – Unorthodox Invocation Mechanisms

Backdoors are found in 72% of infected websites, according to our latest reports. Backdoors are files left on the server by attackers in order to retain access to your site and…

Read More about Register My Backdoor – Unorthodox Invocation Mechanisms

April 6, 2017Néstor Angulo

Ecommerce Security – Customer Data Breaches Using Images

Since late last year, there has been a steady rise in malware campaigns that aim to steal sensitive personal information and financial credentials. Attackers often insert pieces of malicious code…

Read More about Ecommerce Security – Customer Data Breaches Using Images

April 4, 2017Denis Sinegubko

WordPress Security – Unwanted Redirects via Infected JavaScript Files

We’ve been watching a specific WordPress infection for several months and would like to share details about it. The attacks inject malicious JavaScript code into almost every .js file it…

Read More about WordPress Security – Unwanted Redirects via Infected JavaScript Files

March 30, 2017Denis Sinegubko

Spotting a Hidden SEO Hack: “Play One”

SEO hacks continue to plague websites as attackers abuse SERP rankings for their own gain. The time and effort spent by the website owner creating content, optimizing pages and building…

Read More about Spotting a Hidden SEO Hack: “Play One”

March 6, 2017Cesar Anjos

vBulletin Used to Show Malicious Advertisements

In the past, we have seen a massive amount of vBulletin websites compromised through the VBSeo Vulnerability. Attackers have been infecting vBulletin websites since 2012 with this malware, and more…

Read More about vBulletin Used to Show Malicious Advertisements

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Sucuri website security

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2018 Sucuri Inc. All rights reserved