By now, the news about what happened at Silicon Valley Bank (SVB) leading up to its collapse and takeover by the US Federal Government is well known. The rapid speed with which the collapse took place was surprising to many and the impact on organizations, both large and small, is expected to last a while. […]
Tag Archives: Malware
Is My Site Hacked? (13 Signs)
Symptoms of a hack can vary wildly. A concerning security alert from Google, a browser warning when you visit your site, or even a notice from your hosting provider that they’ve taken down your website — all of these events may indicate that your website has been hacked. Fortunately, there are a number of quick […]
Attackers Abuse Cron Jobs to Reinfect Websites
Malicious cron jobs are nothing new; we’ve seen attackers use them quite frequently to reinfect websites. However, in recent months we’ve noticed a distinctive new wave of these infections that appears to be closely related to this article about a backdoor that we’ve been tracking. In today’s post we’ll be discussing what cron jobs are, […]
The Dangers of Installing Nulled WordPress Themes and Plugins
Nulled WordPress themes and plugins are a controversial topic for many in the web development world — and arguably one of the bigger threats to WordPress security. Essentially modified versions of official WordPress themes and plugins with their licensing restrictions removed, these nulled software copies are often touted as premium functionality packaged in a free […]
Bogus URL Shorteners Redirect Thousands of Hacked Sites in AdSense Fraud Campaign
Late last year we reported on a malware campaign targeting thousands of WordPress websites to redirect visitors to bogus Q&A websites. The sites themselves contained very little useful information to a regular visitor, but — more importantly — also contained Google AdSense advertisements. It appeared to be an attempt to artificially pump ad views to […]
Konami Code Backdoor Concealed in Image
Attackers are always looking for new ways to conceal their malware and evade detection, whether it’s through new forms of obfuscation, concatenation, or — in this case — unorthodox use of image file extensions. One of the most common backdoors that we have observed over the last few months has been designed to evade detection […]
Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network
Every so often attackers register a new domain to host their malware. In many cases, these new domains are associated with specific malware campaigns, often related to redirecting legitimate website traffic to third party sites of their choosing — including tech support scams, adult dating, phishing, or drive-by-downloads. Since late December, our team has been […]
Vulnerable WordPress Sites Compromised with Different Database Infections
Vulnerabilities within WordPress can lead to compromise, and oftentimes known vulnerabilities are utilized to infect WordPress sites with more than one infection. It is common for out-of-date websites to be attacked by multiple threat actors or targeted by the same attacker using multiple different channels. We recently came across a database injection that […]
Chinese Gambling Spam Targets World Cup Keywords
Since 2018, our team has been tracking an interesting type of website infection where the tag of a hacked website is changed to Chinese text — changes which are clearly seen in the website’s search results and source code. However, when you open the affected website in a JavaScript-enabled web browser, the site operates as […]
New Wave of SocGholish cid=27x Injections
On November 15th, Ben Martin reported a new type of WordPress infection resulting in the injection of SocGholish scripts into web pages. The attack loads zipped malicious templates from WordPress theme and fake plugin files before extracting the SocGholish script, which is saved as an encrypted value inside the wp_option table of the WordPress database. […]