Tag Archives: Malware

Web3 Crypto Malware: Angel Drainer – From Phishing Sites to Malicious Injections

Since January 2024, there has been a notable surge in attacks by a novel form of website malware targeting Web3 and cryptocurrency assets. This malware, spread across multiple campaigns, uses crypto drainers to steal and redistribute assets from compromised wallets. The strategy involves either injecting drainers directly into compromised websites or redirecting site visitors to […]

Remote Access Trojan (RAT): Types, Mitigation & Removal

Remote Access Trojans (RATs) are a serious threat capable of giving attackers control over infected systems. This malware stealthily enters systems (often disguised as legitimate software or by exploiting a vulnerability in the system) and opens backdoors for attackers to perform a wide range of malicious activities on the victim’s computer. This blog post is […]

Fixing Website Hosting Issues: “This Account Has Been Suspended”

Experiencing a “This account has been suspended” warning on your website can be both confusing and alarming. This message means that your hosting provider has put your site on a temporary hold. The reasons for an account suspension can range from malware infections and spam content, excessive resource usage, unpaid web hosting bills, or policy […]

The Dangers of Lateral Movement & Website Cross Contamination

One of the most frequent problems that we observe in website hosting environments is “cross contamination” — the lateral movement of an attacker between websites. Cross-site contamination occurs when a site is infected by neighboring sites within the same hosting environment due to poor isolation on the server or account configuration. In this post we […]

Thousands of Sites with Popup Builder Compromised by Balada Injector

On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was fixed in version 4.2.3. A couple of days later, on December 13th, the Balada Injector campaign started infecting websites with older versions of the Popup Builder. The attack used a […]

MageCart WordPress Plugin Injects Malicious User & Credit Card Skimmer

One of our analysts recently found an interesting malicious plugin injected into a WordPress / WooCommerce ecommerce website which both creates and conceals a bogus administrator user. It was also found injecting sophisticated credit card skimming JavaScript into the website’s checkout page. This plugin includes an interesting sample of malicious code which goes to great […]

Analysis of the Fake WordPress CVE-2023-46182 Patch Plugin & Phishing Campaign 

On December 1, 2023, several security researchers reported about a new phishing campaign targeting WordPress administrators. WordPress sites owners had started receiving emails from WordPress.com with the following message: “The WordPress Security Team has discovered a Remove Code Execution (RCE) vulnerability on your site, which allows attackers to execute malwares and steal your data, user […]

Skimming Credit Cards with WebSockets

If you were to believe shopping mall merchants, you’d think the holiday season starts immediately after Halloween. Christmas trees and candy canes abound, along with the same songs played on repeat that we hear every year ad nauseam. However, the same could be said for card skimming attacks: Once the trick-or-treaters have gone home for […]

New Email Course: Common Website Threats & Malware

The digital world isn’t all rainbows, unicorns, and cat gifs; it also has a dark side. As threats become increasingly sophisticated, website owners and administrators need to up their game. That’s why we’ve created this tailored email course — to help you navigate common website malware and vulnerabilities. We’ve picked apart data from over 43,000 […]