
Recently we saw a new wave of a known malware that injects malicious WordPress admin users into vulnerable or compromised sites.

Recently, during a website investigation, we detected that attackers have been modifying the database structure of the WP Maintenance plugin (a very popular WordPress plugin that adds a "down for maintenance" or "coming soon" page to your website) and inserting malicious code into the wpmm_settings option to lead users to harmful content.

Books SEO Spam

2017-10-16  by  Fernando Barbosa

We already discussed in our blog some cases where the attacker uploaded a full ready-to-use website in order to promote their products and services. This is a well-known SEO spam tactic, but this time we're going to cover what we found in a recent incident response process. A full library was injected into the victim's file structure, of course without the consent of the website owner.

While working on a compromised website, it's very common to encounter hacktools. These are like the attackers' Swiss Army knife, allowing them to perform several tasks, such as launching DoS attacks, executing server-level exploits, and even running simple file managers.

In the last few months, we've covered several cases of SEO Spam in our labs and blog that were promoting products and services ranging from essay writing to sunglasses. From time to time, these Spam campaigns change and attackers focus on topics that may bring additional revenue. This time around, the topic was Soccer :)

Years ago, colleagues from Yandex introduced the concept of Mayhem infections.

In that post, they provided very detailed information about the malware, its functionalities and capabilities.

Many websites get compromised and used for SEO in order to drive traffic to other websites that would usually be ranked very low or completely removed by Google due to their content. Recently I found some malware pulling spam content from chinajianzhan[.]cn.

Attackers often aim to conceal their presence using different methods, such as injecting redirect scripts, creating spam pages, or hiding a mailer in checkout pages to steal credit cards; but this is not always the case.

Recently, during an incident response process, we worked on an interesting Magento website. This site was reported to have a strange redirection when users visited the site. Without further ado, we started investigating the issue on this site.

During an incident response investigation, we detected an interesting backdoor that was small but had the potential to give the attacker full access to your website and all its content.

Let’s review the backdoor content which was placed into the wp-content/themes/newaffpower/functions.php file:
