Tag Archives: Redirects

Rogue Ads Redirect Visitors

Ads are everywhere. They generate revenue for site owners and can present related content to the website being visited. As detailed in previous articles, bad actors often take advantage of that functionality. Quite often rogue ad networks will be used to pull down malicious content, but recently we’ve seen a campaign where the threat actors […]

Indonesian Gambling Redirect Hiding in Plain Sight

Many pieces of malware found over the years have been complex and difficult to find. Attackers often obfuscate their code to make it harder to track. Some pieces of malware require extensive reviews to uncover. But in other instances, that is not always the case. Threat actors find new ways to inject malware to avoid […]

SiteCheck Remote Website Scanner — Mid-Year 2024 Report

Conducting an external website scan for indicators of compromise is one of the easiest ways to  identify security issues. While remote website scanners may not provide as comprehensive of a scan as server-side scanners, they allow users to instantly identify malicious code and detect security issues on their website without installing any software or applications. […]

Mal.Metrica Redirects Users to Scam Sites

One of our analysts recently identified a new Mal.Metrica redirect scam on compromised websites, but one that requires a little bit of effort on the part of the victim. It’s another lesson for web users to be careful what they click on, and to be wary of anything suspicious that pops up in their browser […]

Thousands of Sites with Popup Builder Compromised by Balada Injector

On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was fixed in version 4.2.3. A couple of days later, on December 13th, the Balada Injector campaign started infecting websites with older versions of the Popup Builder. The attack used a […]

From Google DNS to Tech Support Scam Sites: Unmasking the Malware Trail

A vast majority of website malware employ the ever-familiar HTTP/HTTPS protocols for its malicious activities. But, we also periodically confront more interesting hybrid malware leveraging various other internet protocols. For example, malware sending email spam, DDoS tools creating floods of UDP packets, bruteforce tools trying to guess SSH credentials, phishing and credit card skimming malware […]

SiteCheck Remote Website Scanner — Mid-Year 2023 Report

Conducting an external website scan for indicators of compromise is one of the easiest ways to  identify security issues. While remote scanners may not provide as comprehensive of a scan as server-side scanners, they allow users to instantly identify malicious code and detect security issues on their website without installing any software or applications. Our […]