We recently had a client that had a persistent malware infection on their shared hosting environment that would re-infect the files quickly after we had cleaned them. The persistence was being created by a cron that was scheduled to download malware from a third party domain.

Persistent Malware Infection on WordPress and Joomla Websites

This persistent website malware infection made us remember a blog post we posted back in 2014. As it turns out, the malware operated almost identically — and in this more recent case, it was infecting a WordPress website.

Continue reading Return to the City of Cron – Malware Infections on Joomla and WordPress at Sucuri Blog.

Via Sucuri.net