Last week, we described how an ongoing massive malware campaign began using Baidu search result links to redirect people to various ad and scam pages. It didn’t last long. Soon after the publication of that article, the bad actors changed the links to use compromised third-party sites and a couple of day later they began More Info »
Tag Archives: google
Malicious Activities with Google Tag Manager
If I were to ask if you could trust a script from Google that is loading on your website, the majority of users would say “yes” or even “absolutely”. But when malicious behavior ensues, everything should be double-checked and suspected, even assets that come from “trusted sources” like Google, Facebook, and Youtube. In the past, More Info »
Google Warnings For Form Input Over HTTP Coming in October
For years, Google has been actively seeking ways to encourage website owners to implement SSL certificates. SSL allows websites to be accessed over HTTPS, which encrypts information sent between the visitor and web server. Recently, we discussed how Google is moving from a reward system to a punitive one. Websites using SSL continue to get More Info »
Evolution of Conditional Spam Targeting Drupal Sites
Last year we took a look at how attackers were infecting Drupal installations to spread their spam and keep their campaigns going by just including a malicious file in each visitor’s session. It’s quite common for attackers to evolve their techniques and add new variations of hidden backdoors to make it harder to get rid More Info »
When Your Plugins Turn Against You
Every day we face countless cases of sites getting compromised and infected by an attacker. From there, the sites can be used for various operations like spam campaigns, malware spreading or simply to damage your SEO ranking among other events. The threat may not always come from outside though. There are occasions where we are More Info »
New Non-HTTPS Websites Blacklisted for Phishy Password Practices
We submit hundreds of blacklist review requests every day after cleaning our clients’ websites. Google’s Deceptive Content warning applies when Google detects dangerous code that attempts to trick users into revealing sensitive information. For the past couple of months we have noticed that the number of websites blacklisted with Deceptive Content warnings has increased for More Info »
Website Malware: Unwanted Exit to YourBrexit
Some website hacks aim to make some political statements. Defacements are well known for this. Some infections redirect visitors to scam sites that push (usually counterfeit) goods or (often illegal) services. But what would you feel if your site redirected visitors to a political news site? This time we are talking about an attack that More Info »
Malicious Subdirectories Strike Again
In a previous post, we illustrated how attackers were fetching information from compromised sites under their control to display spam content on other hacked websites. By adding malicious files into a directory and using the victim’s database structure, attackers were able to inject ads and promote their products. This time, attackers used a similar technique More Info »
Introducing Accelerated Mobile Links: Making the Mobile Web App-Quick
In 2017, we’ve predicted that more than half of the traffic to Cloudflare’s network will come from mobile devices. Even if they are formatted to be displayed on a small screen, the mobile web is built on traditional web protocols and technologies that were designed for desktop CPUs, network connections, and displays. As a result, More Info »
Injection of Unwanted Google AdSense Ads
During the last couple of years, it has become quite prevalent for hackers to monetize compromised sites by injecting unwanted ads. They can be pop-up ads triggered when a visitor spends a certain amount of time on an infected page, or automatic redirection of mobile traffic to URLs that belong to ad networks. It’s not More Info »
