Multiple Ways to Inject the Same Tech Support Scam Malware

less than 1 minute read

Multiple Ways to Inject the Same Tech Support Scam Malware<p>Last month, we shared information about yet another series of ongoing massive infections using multiple different vectors to inject malicious scripts into WordPress websites.</p>

Shortly after, the campaign changed the domain names used in its scripts. Now it mainly uses hotopponents[.]site and learningtoolkit[.]club.

At the time of this writing, PublicWWW finds the most common patterns of this malware on thousands of sites:

  • “var _0xfcc4=” – 8501 sites
  • “hotopponents.site/site.js” – 3636 sites

Database Injections

Multiple variations of the injected scripts have been found.

Continue reading Multiple Ways to Inject the Same Tech Support Scam Malware at Sucuri Blog.

</img>

You may also enjoy

Spotlight on Women in Cybersecurity

less than 1 minute read

Sucuri is committed to helping women develop their careers in technology. On International Women’s Day, Sucuri team members share their insights into workin...

Hacked Website Trend Report – 2018

less than 1 minute read

We are proud to be releasing our latest Hacked Website Trend Report for 2018. This report is based on data collected and analyzed by the GoDaddy Security / ...

Facebook
Google plus
Pinterest
RSS
Spotlight on Women in Cybersecurity
How to Add SSL & Move WordPress from HTTP to HTTPS
Hacked Website Trend Report – 2018
Fake Browser Updates Push Ransomware and Bank Malware
Google Analytics and Angular in Magento Credit Card Stealing Scripts