Welcome to Stratusclear

Show me more

Latest Blog Posts

  • Magento Credit Card Stealing Malware: gstaticapi

    Our team recently came across a malicious script used on a Magento website titled gstaticapi, which targeted checkout processes to capture and exfiltrate stolen information. To obtain sensitive details, the malware loads external javascript whenever the URL contains “checkout” ⁠— this location typically belongs to the step in Magento’s checkout process where users enter their More Info »

    Read More

  • Malicious One-Liner Using Hastebin

    Short scripts that deliver malware to a website are nothing new, but during a recent investigation we found a script using hastebin[.]com, which is a domain we see used infrequently. The script was found writing malicious contents into an image directory on a compromised website, allowing an attacker to execute other malicious commands. The attacker More Info »

    Read More

  • Phishing Page Targets AT&T’s Employee Multi-Factor Authentication

    Employees at companies of all sizes can be targets of phishing attacks, but certain corporations or industries can be more valuable to an attacker than others. For instance, employees at telecom companies will often have some level of elevated access that is unavailable to a non-employee. In fact, this access can be so valuable that More Info »

    Read More

NEED WORDPRESS HELP?

We will get the job done! Finding innovative solutions to your obstacles is our specialty.