Fake Google chrome update malware, often associated with the notorious SocGholish infection, is something that we have been tracking for a number of years. It is one of the most common types of website malware. It tricks unsuspecting users into downloading what appears to be an update to their Chrome browser, but is actually a […]
Tag Archives: drive-by-download
Fake DDoS Pages On WordPress Sites Lead to Drive-By-Downloads
It’s not uncommon for users to experience “DDoS Protection” pages when casually browsing the web. These DDoS protection pages are typically associated with browser checks performed by WAF/CDN services which verify if the site visitor is, in fact, a human or is part of a Distributed Denial of Service (DDoS) attack or other unwanted bot. […]
WordPress Redirect Hack via Test0.com/Default7.com
Malicious redirect is a type of hack where website visitors are automatically redirected to some third-party website: usually it’s some malicious resource, scam site or a commercial site that buys traffic from cyber criminals (e.g. counterfeit drugs or replica merchandise). Types of Malicious Redirects There are two major types of malicious redirects: server-side redirects and […]
Evolution of Conditional Spam Targeting Drupal Sites
Last year we took a look at how attackers were infecting Drupal installations to spread their spam and keep their campaigns going by just including a malicious file in each visitor’s session. It’s quite common for attackers to evolve their techniques and add new variations of hidden backdoors to make it harder to get rid […]
WordPress Security – Fake TrafficAnalytics Website Infection
Several months ago, our research team identified a fake analytics infection, known as RealStatistics. The malicious Javascript injection looks a lot like tracking code for a legitimate analytics service. RealStatistics even set up fake analytics websites designed to trick webmasters who took a few steps to investigate the unfamiliar script. Recently, a new variation of […]
Website Malware Targets Mobile Platforms
Navigating the web on a mobile device can be tricky even when you’re browsing clean sites. If hackers are involved, the frustration of a pop-up can turn into the dangerous possibility of harmful mobile malware. The increase in mobile internet browsing has prompted attackers to adapt their techniques, targeting mobile-specific platforms and distributing spam and […]
Ask Sucuri: Is My Website Hacked?
Having your website hacked can be a devastating experience for any website owner. Unfortunately, many website owners rarely know they are infected until days, if not weeks, after the compromise has occurred. Their notification comes in the form of a blacklist or some other alert, including notifications from their users. Neither is ideal. So how… […]
FunWebProducts UserAgent Bloating Traffic
Every once in a while we get a case that makes us dig deep to find answers. We have spoken before about the trouble with forensics and reasons why websites get hacked. Sometimes though, the answer is not clear and we can only gather clues to make an educated guess. Our main business is preventingRead […]
The Art of Website Malware Removal – The Basics
When talking about defense against malicious hacks, the attack vector is a common topic for Information Security (InfoSec) professionals. The primary concern is to understand the anatomy of the attack and prevent it from happening again. However, there is a less glamorous task that must take place once an attack vector is exploited; that is […]
Threat Introduced via Browser Extensions
We love investigating unusual hacks. There are so many ways to compromise a website, but often it’s the same thing. When we see malicious code on web pages, our usual suspects are: Vulnerabilities in website software Trojanized software from untrusted sources (e.g. pirated themes and plugins) Stolen or brute-forced credentials (anything from FTP and SSH […]