It feels like every day we’re finding gems, or what appear to be gems to us. We try to balance the use of the term, but I can’t lie, these are truly gems. The things they are doing, and by they I mean the attackers, are in some instance ingenious. I think you’ll agree that […]
Tag Archives: Malware
PHP Backdoors: Hidden With Clever Use of Extract Function
When a site gets compromised, one thing we know for sure is that attackers love to leave malware that allows them access back to the site; this type of malware is called a backdoor. This type of malware was named this because it allows for remote control of a compromised website in a way that […]
Mysterious Zencart Redirects Leverage HTTP Headers
About a week ago we got an interesting Zencart case. Being that we don’t often write about Zencart we figured it’d be good time to share the case and details on what we found. The Scenario The site was redirecting to “www .promgirl .de”. I know, not very unique. Additionally, it was only affecting “www” […]
Many Pieces of a Puzzle: Target, Neiman Marcus and Website Hacking
Corporations get hacked all the time. This is not news to anyone in the security business, but it has certainly received a lot of attention from those in the media over the last few weeks because of a couple of large-scale credit card events at both Target and Neiman Marcus. For the average person, website […]
Website Mesh Networks Distributing Malware
Can you imagine having the keys to a kingdom? How awesome would that be!! This is true in all domains, especialy when it comes to your website. This is almost like the holy grail of website attacks, gain access and do what you want with someone else’s pride and joy. We all know that once […]
Recent OptimizePress Vulnerability Being Mass Infected
A few weeks ago we wrote about a file upload vulnerability in the OptmizePress theme. We were seeing a few sites being compromised by it, but nothing major. That all changed yesterday when we detected roughly 2,000 websites compromised with iFrames that seemed to be caused by this same vulnerability. All of the contaminated websites […]
The Hidden Backdoors to the City of Cron
An attackers key to creating a profitable malware campaign is its persistency. Malicious code that is easily detected and removed will not generate enough value for their creators. This is the reason why we are seeing more and more malware using creative backdoor techniques, different obfuscation methods, and using unique approaches to increase the lifespan […]