In a previous post, we illustrated how attackers were fetching information from compromised sites under their control to display spam content on other hacked websites. By adding malicious files into a directory and using the victim’s database structure, attackers were able to inject ads and promote their products.

This time, attackers used a similar technique with a little bit more sophistication to achieve their goals.

Essay Spam Campaign

This technique is now being used to distribute essay spam targeted at students.

Continue reading Malicious Subdirectories Strike Again at Sucuri Blog.

Via Sucuri.net