Before you freak out, allow me to clarify. It was one of several honeypots we have running. The honeypots are spread across the most commonly employed hosting companies. From Virtual Private Servers (VPS) to shared environments, to managed environments. In most instances we pay and configure them like any other consumer would so that we […]
Tag Archives: Malware
Website Malware: Mobile Redirect to BaDoink Porn App Evolving
Recently, we wrote about a malware redirection on this blog where the malware was causing compromised sites to redirect their visitors to pornographic content (specifically, the BaDoink app). You can read more about what we found by going to our previous blog post. As described in the original post, some particular files were infected (examples […]
Website Security Analysis: A “simple” piece of malware
For regular readers of this blog, there is one constant that pops up over and over: malware gets more complex. When malware researchers, like myself, unlock new obfuscated code, it’s a signal to the black hats that they need to up their game. For me, figuring out their new hack attempts and then putting the […]
Website Malware – Mobile Redirect to BaDoink Porn App
A few weeks ago we reported that we were seeing a huge increase in the number of web sites compromised with a hidden redirection to pornographic content. It was a very tricky injection, with the redirection happening only once per day per IP address and only if the visitor was using a mobile device (IPhone, […]
Case Study: Complexities of “simple” malware
You know when you pull a string on a sweater and it just keeps going and going? You wonder when or if it will ever stop? From time to time, that’s how malware can feel. Even if you’re not a website security expert, it’s important to understand just how complicated hackers are willing to make […]
WordPress Plugin Alert — LoginWall Imposter Exposed
When you work with malware for a while, you start to become very good at pattern recognition. A couple sites in every hundred cleaned might be infected in a similar way and remembering the initial problem helps to quickly solve the problem for the current site. You might not know exactly why something seems fishy […]
Take Back Your Internet – Demand a Safer Web
Over the last couple of weeks, we’ve written about malicious redirects pushing users to porn sites, ever more complicated phishing scams being carried out by multiple compromised websites on a single server and about adsense blackmail. We’ve written about how attackers hit these sites because that’s what we do. We figure out what they’re doing […]
Analyzing a Malicious iFrame – Following the Eval Trail
Over the last week, we’ve been working with some interesting malware injections. Developers and malware prevention professionals usually think of hidden iframes that deliver spam-seo or other malware as easy to spot. Take this injection, for example (Thanks to Sucuri team member, Rafael C., for the sample): This is not a traditional iframe src=’http://… code, […]
SiteCheck Extended – Making It Easier to Scan Your Websites
Sucuri SiteCheck is our free website malware scanner that crawls any website to detect signs of Malware injections, SEO Spam, Blacklisting, Defacement and other similar indicators of a compromised website. It is widely used by Webmasters to verify if their sites have not been compromised or blacklisted. And now we’re extending it to other platfroms, […]
Ad Violations: Why Search Engines Won’t Display Your Site If it’s Infected With Malware
As your site’s webmaster, have you ever seen an e-mail from Google like this: Hello, We wanted to alert you that one of your sites violates our advertising policies. Therefore, we won’t be able to run any of your ads that link to that site, and any new ads pointing to that site will also […]