What is online gambling spam and what can I do about it?
Sucuri Online gambling spam thrives on dreams of easy money and high stakes. Beating the house at an exotic casino. Splitting sevens. Going all in on…
Browsing Tag
Website Backdoor
176 posts
My Website Is Hosting a Phishing Page – Now What?
Most phishing advice is written for the person staring at a suspicious email. This guide is for the other kind of victim: The website owner…
Joomla SEO Spam Injector: Obfuscated PHP Backdoor Hijacking Site Visitors
Puja Srivastava Overview During a recent malware cleanup investigation, we encountered a compromised Joomla website where the site owner reported a strange issue. Their website displayed a…
WordPress Auto-Login Backdoor Disguised as JavaScript Data File
During a recent investigation, we discovered a sophisticated WordPress backdoor hidden in what appears to be a JavaScript data file. This malware automatically logs attackers…
Hidden WordPress Backdoors Creating Admin Accounts
During a recent cleanup of a compromised WordPress website, we discovered two different malicious files designed to silently manipulate administrator accounts. Attackers often inject such…
Uncovering a Stealthy WordPress Backdoor in mu-plugins
Recently, our team uncovered a particularly sneaky piece of malware tucked away in a place many WordPress users don’t even know exists: the mu-plugins folder.…
Fake Spam Plugin Uses Victim’s Domain Name to Evade Detection
Kayleigh Martin During our investigation of an SEO spam infection (spam content designed to manipulate search engine results), we discovered a nicely crafted plugin that named itself…
Stealthy WordPress Malware Drops Windows Trojan via PHP Backdoor
Last month, we encountered a particularly interesting and complex malware case that stood out from the usual infections we see in compromised WordPress websites. At…
The Case of Hidden Spam Pages
Ben Martin Spammy posts and pages being placed on WordPress websites is one of the most common infections that we come across. The reason being is that…
When Good Software Goes Bad
Matt Morrow Most often bad actors try their best to hide their activities by using obfuscated code or by uploading fake plugins or themes that inject simple…
Hidden Malware Strikes Again: Mu-Plugins Under Attack
At Sucuri, our security researchers continually monitor for new malware variants and infection techniques targeting WordPress websites. Recently, we’ve uncovered multiple cases where threat actors…