Tag Archives: Malware

Malicious Script Injection on WordPress Sites

Recently, our team discovered a JavaScript-based malware affecting WordPress sites, primarily targeting those using the Hello Elementor theme. This type of malware is commonly embedded within legitimate-looking website files to load scripts from an external source. The malware injects a malicious external script into the theme’s header.php file, leading to harmful consequences for site owners […]

Credit Card Skimmer Malware Targeting Magento Checkout Pages

Magento websites are a frequent target for cybercriminals due to their widespread usage in eCommerce and the valuable customer data they handle. During a routine investigation, we discovered a malicious JavaScript injection targeting Magento websites. This malware dynamically creates a fake credit card form or extracts payment fields directly depending on the variant of the […]

Simple Include Statement Hides Casino Spam

Just as there are countless types of websites on the internet, there are just as many attackers seeking to exploit them. These attackers develop malicious code that continuously evolves, constantly finding new ways to harm their next target. Sometimes, threat actors rely on heavy obfuscation to conceal their malicious code, while others use stealthier methods […]

PHP Reinfector and Backdoor Malware Target WordPress Sites

We recently observed a surge in WordPress websites being infected by a sophisticated PHP reinfector and backdoor malware. While we initially believed that the infection was linked to the wpcode plugin, we found that several sites without this plugin were compromised as well. Upon deeper investigation, we discovered that this malware not only reinfects website […]

Malware Steals Account Credentials

It’s common for malware to target e-commerce sites, and these attackers are usually seeking to steal credit card details. In most cases, they will insert scripts that extract data from the checkout forms to siphon fields like the cardholder name, card number and expiration date. Once they have that information, their job is done and […]

2024 Credit Card Theft Season Arrives

The holiday shopping season is just around the corner, and it’s the time of year the eCommerce website owners need to be most on their guard. Credit card stealing malware, commonly referred to as “MageCart”, is most rampant during the holiday shopping season. Attackers are always aiming to maximize their profits. As such, they know […]

Indonesian Gambling Redirect Hiding in Plain Sight

Many pieces of malware found over the years have been complex and difficult to find. Attackers often obfuscate their code to make it harder to track. Some pieces of malware require extensive reviews to uncover. But in other instances, that is not always the case. Threat actors find new ways to inject malware to avoid […]

Fake “Fix It” Pop-Ups Target WordPress Sites via Malicious Plugin to Download Trojan

In our recent investigation, we discovered a new malware campaign targeting WordPress sites through a fake plugin, universal-popup-plugin-v133, which delivers deceptive browser fix pop-ups. This malware leverages social engineering tactics to deceive visitors into downloading malicious files, compromising their systems. Type of website impacted and the scope of infection We reported a similar fake browser […]

SiteCheck Remote Website Scanner — Mid-Year 2024 Report

Conducting an external website scan for indicators of compromise is one of the easiest ways to  identify security issues. While remote website scanners may not provide as comprehensive of a scan as server-side scanners, they allow users to instantly identify malicious code and detect security issues on their website without installing any software or applications. […]