Tag Archives: Malware

Indonesian Gambling Redirect Hiding in Plain Sight

Many pieces of malware found over the years have been complex and difficult to find. Attackers often obfuscate their code to make it harder to track. Some pieces of malware require extensive reviews to uncover. But in other instances, that is not always the case. Threat actors find new ways to inject malware to avoid […]

Fake “Fix It” Pop-Ups Target WordPress Sites via Malicious Plugin to Download Trojan

In our recent investigation, we discovered a new malware campaign targeting WordPress sites through a fake plugin, universal-popup-plugin-v133, which delivers deceptive browser fix pop-ups. This malware leverages social engineering tactics to deceive visitors into downloading malicious files, compromising their systems. Type of website impacted and the scope of infection: We reported a similar fake browser […]

SiteCheck Remote Website Scanner — Mid-Year 2024 Report

Conducting an external website scan for indicators of compromise is one of the easiest ways to identify security issues. While remote website scanners may not provide as comprehensive a scan as server-side scanners, they allow users to instantly identify malicious code and detect security issues on their website without installing any software or applications. […]

The Security Risks of Using Nulled WordPress Plugins

The prospect of obtaining premium features without spending a dime is tempting. Nulled WordPress plugins and themes, often advertised as no-cost versions of their premium counterparts, can seem like a dream come true for many WordPress users. Who doesn’t want to save some money while still enjoying the enhancements and extended features […]

PrestaShop GTAG Websocket Skimmer

During a recent investigation, we uncovered another credit card skimmer leveraging a web socket connection to steal credit card details from an infected PrestaShop website. While PrestaShop is not the most popular eCommerce solution for online stores, it is still in the top 10 most common eCommerce platforms in use on the web, and clocks […]

Attackers Abuse Swap File to Steal Credit Cards

When it comes to website security, sometimes the most innocuous features can become powerful tools in the hands of attackers. Such was the case in a recent incident we investigated, where bad actors exploited the humble swap file to maintain a persistent credit card skimmer on a Magento e-commerce site. This clever tactic allowed the […]

New Variation of WordFence Evasion Malware

We recently came across an infected WordPress environment which contained a new variation of WordFence evasion malware using some sneaky tactics to conceal itself from view. The site administrator was reporting some issues with potential credit card theft malware on their website, but they had already removed that themselves by the time we arrived at […]

Decoding the Caesar Cipher Skimmer

Over the last several weeks we’ve observed an interesting new variation of the “gtag” credit card skimming attack with a surprisingly high number of detections so far. As of the time of writing this article, we have seen nearly 80 detections altogether in the first two weeks alone. Our research team and analysts have found this […]