Tag Archives: Redirects

SEO Spam Links in Nulled Plugins

It’s not unusual to see website owners running things on a budget. Choosing a safe and reliable hosting company, buying a nice domain name, boosting posts on social media, and ranking on search engines — all this costs a lot of money. At the end of the day, some site owners may even choose to More Info »

Why You Should Monitor Your Website

In an effort to maintain unauthorized access or profit off a website’s environment long after an initial compromise, attackers commonly leverage a variety of different techniques and tactics. These techniques range from adding backdoors, stealing sensitive data, redirecting the site to other third-party resources, or even injecting specially crafted links to give their own sites More Info »

Evasive Maneuvers in Data Stealing Gateways

We have already shared examples of many kinds of malware that rely on an external gateway to receive or return data, such as different malware payloads. During a recent investigation, we came across this example of a PHP script that attackers use for many different purposes. What makes the sample interesting is that alongside this More Info »

SiteCheck Malware Report: September Summary

Our free SiteCheck tool helps website owners remotely scan their website to detect malware infections, blacklisting status, website errors, and other anomalies. Scanning a website’s external HTML source code provides immediate results, without the need to install any software or applications to identify threats. In September alone, a total of 17,138,086 website scans were performed More Info »

Malicious Pop-up Redirects Baidu Traffic

Malicious pop-ups and redirects have become two extremely common techniques used by attackers to drive traffic wherever they want. During a recent investigation, we came across an obfuscated pop-up script leveraging baidu[.]com search results to redirect users to the attacker’s own domain. Below is the encoded JavaScript: Once decoded, the behavior becomes a bit more More Info »

Web Crawler & User Agent Blocking Techniques

This is a simple script that allows hackers to block specific crawlers based upon website requests from specific user-agents. This is useful when you don’t want certain traffic from being able to load certain content – usually a phishing page or a malicious download. if(preg_match(‘/bot|crawler|spider|facebook|alexa|twitter|curl/i’, $_SERVER[‘HTTP_USER_AGENT’])) { logger(“[BOT] {$_SERVER[‘REQUEST_URI’]} – 500”); header(‘HTTP/1.1 500 Internal Server More Info »