Website backdoors are a silent yet deadly threat to website security. These stealthy mechanisms bypass standard authentication, providing attackers with persistent, unauthorized access to a website’s backend. Often overlooked, backdoors allow cybercriminals to maintain access long after an initial breach. Understanding the risks they pose and how to…
Sucuri
Japanese Spam on a Cleaned WordPress Site: The Hidden Sitemap Problem
While investigating a compromised WordPress site, we discovered a malware infection causing Japanese spam links to appear in Google search results. Although the site had been cleaned, Google was still crawling and indexing spammy URLs, which impacted the site’ s SEO and credibility. Japanese SEO Spam: A Common Threat…
Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection
Recently, we released an article where a credit card skimmer was targeting checkout pages on a Magento site. Now we’ve come across sophisticated credit card skimmer malware while investigating a compromised WordPress website. This credit card skimmer malware targeting WordPress websites silently injects malicious JavaScript into database entries…
Vulnerability & Patch Roundup — December 2024
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and…
Vulnerability & Patch Roundup — November 2024
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and…
Malicious Script Injection on WordPress Sites
Recently, our team discovered a JavaScript-based malware affecting WordPress sites, primarily targeting those using the Hello Elementor theme. This type of malware is commonly embedded within legitimate-looking website files to load scripts from an external source. The malware injects a malicious external script into the theme’s header.php file, …
Credit Card Skimmer Malware Targeting Magento Checkout Pages
Magento websites are a frequent target for cybercriminals due to their widespread usage in eCommerce and the valuable customer data they handle. During a routine investigation, we discovered a malicious JavaScript injection targeting Magento websites. This malware dynamically creates a fake credit card form or extracts payment fields…
Simple Include Statement Hides Casino Spam
Just as there are countless types of websites on the internet, there are just as many attackers seeking to exploit them. These attackers develop malicious code that continuously evolves, constantly finding new ways to harm their next target. Sometimes, threat actors rely on heavy obfuscation to conceal their…
PHP Reinfector and Backdoor Malware Target WordPress Sites
We recently observed a surge in WordPress websites being infected by a sophisticated PHP reinfector and backdoor malware. While we initially believed that the infection was linked to the wpcode plugin, we found that several sites without this plugin were compromised as well. Upon deeper investigation, we discovered…
Malware Steals Account Credentials
It’s common for malware to target e-commerce sites, and these attackers are usually seeking to steal credit card details. In most cases, they will insert scripts that extract data from the checkout forms to siphon fields like the cardholder name, card number and expiration date. Once they have…
2024 Credit Card Theft Season Arrives
The holiday shopping season is just around the corner, and it’ s the time of year the eCommerce website owners need to be most on their guard. Credit card stealing malware, commonly referred to as “ MageCart” , is most rampant during the holiday shopping season. Attackers are always aiming to…
WordPress Vulnerability & Patch Roundup October 2024
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and…
Rogue Ads Redirect Visitors
Ads are everywhere. They generate revenue for site owners and can present related content to the website being visited. As detailed in previous articles, bad actors often take advantage of that functionality. Quite often rogue ad networks will be used to pull down malicious content, but recently we’ve…
Indonesian Gambling Redirect Hiding in Plain Sight
Many pieces of malware found over the years have been complex and difficult to find. Attackers often obfuscate their code to make it harder to track. Some pieces of malware require extensive reviews to uncover. But in other instances, that is not always the case. Threat actors find…
Fake “Fix It” Pop-Ups Target WordPress Sites via Malicious Plugin to Download Trojan
In our recent investigation, we discovered a new malware campaign targeting WordPress sites through a fake plugin, universal-popup-plugin-v133, which delivers deceptive browser fix pop-ups. This malware leverages social engineering tactics to deceive visitors into downloading malicious files, compromising their systems. Type of website impacted and the scope of…
WooCommerce Security Essentials for Store Owners
Running a WooCommerce store is awesome for your business – it opens up a whole world of opportunities. But let’ s be honest, it also comes with some security risks. We’ re talking about hackers trying to swipe customer data and nasty malware that could take your website down. Protecting…
Unraveling Authentication and Authorization in Web Security
Authentication and authorization – they sound alike, often get used interchangeably, and are absolutely crucial for web application security. But let’ s be real, getting them right can sometimes feel like navigating a maze. Don’ t worry, we’ ll break down these concepts, highlight common vulnerabilities, and arm you with best…
WordPress Vulnerability & Patch Roundup September 2024
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and…
How to Know if Your Website Is Hacked
Whether you manage a gaming blog, an e-commerce platform, or an enterprise-level website you probably want to be able to detect infections when they occur. A hacked website can lead to financial loss, disruption of business operations, and the exposure of confidential information. The key is acting fast…
7 Steps to Remove Malware from WordPress
If you’ve ever had your website compromised by malware, you know the sheer panic it can cause. But don’ t worry, you’ re not alone. More importantly it’ s something you can fix! In this guide, we’ll walk you through seven essential steps to remove malware from your WordPress site. From…