Xjquery Wave of WordPress SocGholish Injections
Denis Sinegubko In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish…
Browsing Tag
SocGholish
5 posts
New Wave of SocGholish cid=27x Injections
On November 15th, Ben Martin reported a new type of WordPress infection resulting in the injection of SocGholish scripts into web pages. The attack loads…
New SocGholish Malware Variant Uses Zip Compression & Evasive Techniques
Ben Martin Readers of this blog should already be familiar with SocGholish: a widespread, years-long malware campaign aimed at pushing fake browser updates to unsuspecting web users.…
SocGholish Malware: Script Injections, Domain Shadowing, IPs & Obfuscation Techniques
Earlier this June, we shared information about the ongoing NDSW/NDSX malware campaign which has been one of the most common website infections detected and cleaned…
Analysis of the Massive NDSW / NDSX Malware Campaign
Recently, Avast’s researchers Pavel Novák and Jan Rubín posted a detailed writeup about the “Parrot TDS” campaign involving more than 16,500 infected websites. Such massive…