• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Obfuscation

Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network

January 24, 2023Denis Sinegubko

Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network

Every so often attackers register a new domain to host their malware. In many cases, these new domains are associated with specific malware campaigns, often related to redirecting legitimate website traffic to third party sites of their choosing — including tech support scams, adult dating,…

Read More about Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network

Infected Plugins Redirect to Push Notification Scam

December 6, 2022Eli Trevino

How to Fix & Remove the “Click Allow If You Are Not a Robot” Redirect

Attackers are always finding unique ways to avoid detection. Our teams regularly find malware on compromised websites which have been obfuscated to make it more difficult for webmasters to detect…

Read More about How to Fix & Remove the “Click Allow If You Are Not a Robot” Redirect

New Wave of SocGholish cid=27x Injections

November 23, 2022Denis Sinegubko

New Wave of SocGholish cid=27x Injections

On November 15th, Ben Martin reported a new type of WordPress infection resulting in the injection of SocGholish scripts into web pages. The attack loads zipped malicious templates from WordPress…

Read More about New Wave of SocGholish cid=27x Injections

August 23, 2022Ben Martin

Examining Less-Common WordPress Credit Card Skimmers

Since 2020 considerable attention has been spent analysing the emergence of MageCart malware within WordPress environments which most commonly affects sites using WooCommerce. As demonstrated in a previous post WordPress…

Read More about Examining Less-Common WordPress Credit Card Skimmers

SocGholish and NDSW NDSX malware, FakeUpdates, SilverFish (SolarWind) and ransomware

August 16, 2022Denis Sinegubko

SocGholish: 5+ Years of Massive Website Infections

Earlier this June, we shared information about the ongoing NDSW/NDSX malware campaign which has been one of the most common website infections detected and cleaned by our remediation team in…

Read More about SocGholish: 5+ Years of Massive Website Infections

X-Cart Skimmer with DOM Based Obfuscation

July 19, 2022Matt Morrow

PrestaShop Skimmer Concealed in One Page Checkout Module

PrestaShop is a popular freemium open source e-commerce platform used by hundreds of thousands of webmasters to sell products and services to website visitors. While PrestaShop’s CMS market share is…

Read More about PrestaShop Skimmer Concealed in One Page Checkout Module

Analysis of the Massive NDSW/NDSX Malware Campaign

June 2, 2022Denis Sinegubko

Analysis of the Massive NDSW / NDSX Malware Campaign

Recently, Avast’s researchers Pavel Novák and Jan Rubín posted a detailed writeup about the “Parrot TDS” campaign involving more than 16,500 infected websites. Such massive infections don’t go unnoticed by…

Read More about Analysis of the Massive NDSW / NDSX Malware Campaign

Credit Card Stealer Targets PSiGate Payment Gateway Software

May 24, 2022Luke Leal

Credit Card Stealer Targets PsiGate Payment Gateway Software

Magento’s payment provider gateway offers functionalities for site owners to integrate stores with payment service providers. This handy feature lets a website create and handle transactions based on order details…

Read More about Credit Card Stealer Targets PsiGate Payment Gateway Software

Analyzing a WooCommerce credit card stealer

May 19, 2022Liam Smith

Analyzing a WooCommerce Credit Card Skimmer

The number of credit card skimmers targeting WooCommerce websites has skyrocketed over the past year, and threat actors have become increasingly creative in the different ways they obfuscate their payloads…

Read More about Analyzing a WooCommerce Credit Card Skimmer

X-Cart Skimmer with DOM Based Obfuscation

May 17, 2022Denis Sinegubko

X-Cart Skimmer with DOM-based Obfuscation

Our lead security analyst Liam Smith recently worked on an infected X-Cart website and found two interesting credit card stealers there — one skimmer located server-side, the other client-side. X-Cart’s…

Read More about X-Cart Skimmer with DOM-based Obfuscation

Manually Identifying an X-Cart Credit Card Skimmer

May 5, 2022Liam Smith

Manually Identifying an X-Cart Credit Card Skimmer

During a recent investigation, a new client came to us reporting that their antivirus had detected a suspicious domain loading on their website’s checkout page. We regularly receive reports like…

Read More about Manually Identifying an X-Cart Credit Card Skimmer

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Sucuri Sidebar Malware Removal to Signup Page

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2023 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.