Home Testimonials Company Support 1–888–873–0817
PRICING SUPPORT LOGIN
Home Notes Malware Signatures About

Lately we've been dealing with an increase in attacks against ecommerce platforms. Attackers usually choose this type of solution (like Magento & others) because of the sensitive information on credit cards they can extract, as well as other potential monetary gains.

Read More ...

For many years, spam injections placed inside legitimate pages remain one of the prevalent types of black hat SEO hacks that we clean. Hackers constantly invent new tricks to make spam blocks invisible to human visitors while indexable by search engines.

Read More ...

Injecting malware into core files of CMS installations is one of the techniques attackers use. From the user’s perspective, it is easier to detect and remediate such cases if they are using a File Integrity Monitoring system. On the other hand, if they are not monitoring file changes, they could be afraid of modifying such core files, therefore leaving the website infected.

Read More ...

Website defacement is still a big issue for various website owners. It directly impacts on your online presence / visibility and as a consequence, it may get your website flagged as “Hacked” by different search engines.

Read More ...

Lately, we’ve uncovered and detailed lots of techniques being used against e-commerce platforms to steal sensitive information, mostly credit card and login credentials. With the holiday season approaching, e-commerce platforms become an even higher target due to increase in sales during the season.

Read More ...

I was assisting a client with their compromised website and came across a file called unsave.php that was primarily used to inject a rewrite into the .htaccess file so that the SEO spam payload of the file goday.php could be delivered to certain visitors sent to the directory hosting these files:

{
if ((filesize(".htaccess"))>100)
{
$out = fopen("../.htaccess", "w");
fwrite ($out, "RewriteEngine On
RewriteRule ^([A-Za-z0-9-]+).html$ goday.php?hl=$1 [L]");
fclose($out);
}

Read More ...

Attackers use different techniques to distribute SPAM in a compromised website. Most of the time they choose the file structure to inject the malicious code as it’s a more practical approach. There are exceptions to this case though, and today we are going to talk a little bit more about it.

Read More ...

Nowadays, the most common issues with database injections are related to SPAM. Brian Krebs has a book called Spam Nation, that gives us a more in depth understanding of the economic aspects of such issues and how big they actually are. Thanks Ben Martin for letting me know about this book.

Read More ...

With the increase of mobile internet browsing, attackers have adapted their techniques to target such platforms and distribute SPAM & malware to these devices. Our free online scanner SiteCheck is tailored to emulate different Mobile User Agents and warn users about possible issues that may affect your computer when accessing a particular website.

Read More ...

Recently we found a very interesting malware that injects symbolic links in each and every Linux/UNIX home folder. Once the website is infected, it uses the following code to avoid detection from search engine agents and can be executed only by the attackers:

if (!empty($_SERVER['HTTP_USER_AGENT'])) {
    $bot = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler");
    if (preg_match('/' . implode('|', $bot) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
       header('HTTP/1.0 404 Not Found');
       exit;
    }
}

Read More ...