Archive by Author

Malicious Cryptominers from GitHub

Recently, a webmaster contacted us when his AVG antivirus reported that the JS:Miner-C [Trj] infection was found on their site. Our investigation revealed a hidden iframe had been injected into the theme’s footer.php file: <iframe src="hxxps://wpupdates.github[.]io/ping/” style=”width:0;heigh:0;border:none;”> When we opened the URL in a browser, the page was blank. After checking the HTML source code, More Info »

Cloudflare[.]Solutions Keylogger on Thousands of Infected WordPress Sites

A few weeks ago, we wrote about a massive WordPress infection that injected an obfuscated script pretending to be jQuery and Google Analytics. In reality, this script loaded a CoinHive cryptocurrency miner from a third-party server. We also mentioned a post written back in April that described the cloudflare.solutions malware, which came along with the cryptominers. More Info »

Risks For E-commerce Site Owners Through the Holidays

Shopping season is here, and with that, so is the opportunity for ecommerce site owners to grow their revenue and reputation. However, hackers are also busy infecting ecommerce websites with malware, such as: Credit Card Swipers Malicious Payment Gateways Malware Downloads Now is the time when attackers target those last-minute shoppers buying products online. Over More Info »

How to Avoid Malicious Cyber Monday Campaigns

As consumers prepare to take advantage of the discounts and promotions for the Black Friday and Cyber Monday ecommerce holidays, bad actors are crafting fraudulent websites, phishing, and malware campaigns to capitalize on the profits. In past years, targeted Cyber Monday phishing emails posed a huge risk to consumers. These emails, designed to appear from More Info »

SQL Injection in bbPress

During regular audits of our Sucuri Firewall (WAF), one of our researchers at the time, Slavco Mihajloski, discovered an SQL Injection vulnerability affecting bbPress. If the proper conditions are met, this vulnerability is very easy to abuse by any visitors on the victim’s website. Because details about this vulnerability have been made public today on More Info »

Why Attackers Hack Small Sites

You would never leave the front door to your house wide open when you’re not home would you? Doing so would allow criminals to seize the opportunity of stealing your valuables. That’s the same way you can look at website hacking. Leaving your website unprotected is like establishing an open-door policy with hackers, giving them More Info »

New WordPress Security Guide

WordPress has become the most popular CMS and now powers over 28% of the web. With over 60 million downloads, its popularity makes it a prime target for malicious hackers that are looking for vulnerabilities to exploit. If an attacker is able to gain unauthorized access into an insecure website, they can leverage valuable resources More Info »

Cryptominers on Hacked Sites – Part 2

Last month we wrote about how the emergence of website cryptocurrency miners resulted in hackers abusing the technology by injecting the CoinHive miners into compromised sites without the consent of the website owners. We reviewed two types of infections that affected WordPress and Magento sites, and have been monitoring the malicious use of the CoinHive More Info »

Malware Serving SEO Spam from External Sites

We handle an enormous number of SEO spam infections here at Sucuri. In Q3 of 2016, approximately 37% of all website infection cases were related to SEO spam campaigns through PHP, database injections or .htaccess redirects. An SEO spam infection can be devastating to a website’s credibility and reputation. Many website owners recognize and appreciate More Info »