Our Remediation team lead Ben Martin recently found a fake Google domain that is pretty convincing to the naked eye. The malicious domain was abusing the URL shortener service is.gd: shortened URLs were being injected into the posts table of the client’s WordPress database. Whenever the infected WordPress page loads, the actual content is obscured More Info »
Tag Archives: Redirects
Vulnerable Versions of Adminer as a Universal Infection Vector
This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting scripts from scripts.trasnaltemyrecords[.]com into multiple files and database tables. This is still the same ongoing campaign that we’ve been following for the past few years, where site visitors are redirected More Info »
Fake Human Verification Spam
We recently released an update to our Labs Knowledgebase for new plugins that had been targeted during the month of July 2019. One of these newly targeted plugins was Advanced Booking Calendar — and it didn’t take long before we were receiving clean up requests for websites that had already been exploited through this plugin. More Info »
How Domain Expiration Can Potentially Disrupt Other Websites
A website owner recently reached out to us about a pop-up advertisement problem on their website which occurred any time someone clicked anywhere on the web page. This irritating pop-up didn’t come from malware placed in the website’s files or database, but rather from a single JavaScript source that the owner added to a widget: More Info »
Lightbox Adware – From Innocent Scripts to Malicious Redirects
It’s no news that webmasters commonly make use of external scripts to add more features to their site, but things can turn out for the worse quite easily. What if other scripts start behaving the same? What if they start to use your website to spread ransomware? Visitors Redirected to Random Websites on Mobile Recently, More Info »
From .tk Redirects to PushKa Browser Notification Scam
In the past couple of years, we’ve been tracking a long-lasting campaign responsible for injecting malicious scripts into WordPress sites. This campaign leverages old vulnerabilities (patched a long time ago) found in a variety of outdated themes and plugins. However, it also adds new vulnerabilities as soon as they are disclosed—like the recent Social Warfare More Info »
Free SuperCounters Widget Serves Unwanted Redirects to Dating Site
If we navigate way back into the recesses of our memory to the era of GeoCities websites and MySpace pages, we might distinctly recollect the popularity of the visitor-counting widget. Commonly displayed on homepages across the web, these widgets served as credibility indicators to help site visitors identify the popularity of a website. While this More Info »
A Scam-Free Cyber Monday for Online Businesses
Every year we see an increase in website attacks during the holidays. While business owners see their sales go up due to promotional Black Friday and Cyber Monday campaigns, hackers are in the background working nonstop to create malicious, fraudulent websites as well as take advantage of legitimate ones. Main Cyber Monday Threats Phishing Pages One More Info »
Saskmade[.]net Redirects
Earlier this week, we published a blog post about an ongoing massive malware campaign describing multiple infection vectors that it uses. This same week, we started detecting new modifications of the scripts injected by this attack. The general idea of the malware is the same, but the domain name and obfuscation has changed slightly. For More Info »
Malicious Redirects from NewShareCounts.com Tweet Counter
When Twitter announced their new design for “Tweet” and “follow” buttons back in October 2015, marketers across the web developed a mild anxiety—the new design came with a decision to nuke their beloved Tweet count feature. Social signals can be a huge credibility indicator for visitors and site content. Who doesn’t think there’s a psychological More Info »
