SocGholish Malware: What It Is & How to Prevent It
Rianna MacLeod Website malware comes in all shapes and sizes, each with its own unique methods of attack and evasion. One threat making regular headlines is SocGholish,…
Browsing Tag
SocGholish
7 posts
New Wave of SocGholish Infections Impersonates WordPress Plugins
Ben Martin SocGholish malware, otherwise known as “fake browser updates”, is one of the most common types of malware infections that we see on hacked websites. This…
Xjquery Wave of WordPress SocGholish Injections
Denis Sinegubko In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish…
New Wave of SocGholish cid=27x Injections
On November 15th, Ben Martin reported a new type of WordPress infection resulting in the injection of SocGholish scripts into web pages. The attack loads…
New SocGholish Malware Variant Uses Zip Compression & Evasive Techniques
Readers of this blog should already be familiar with SocGholish: a widespread, years-long malware campaign aimed at pushing fake browser updates to unsuspecting web users.…
SocGholish Malware: Script Injections, Domain Shadowing, IPs & Obfuscation Techniques
In June 2022, we shared information about the ongoing NDSW/NDSX malware campaign which has been one of the most common website infections detected and cleaned…
Analysis of the Massive NDSW / NDSX Malware Campaign
Recently, Avast’s researchers Pavel Novák and Jan Rubín posted a detailed writeup about the “Parrot TDS” campaign involving more than 16,500 infected websites. Such massive…