Some website hacks aim to make some political statements. Defacements are well known for this. Some infections redirect visitors to scam sites that push (usually counterfeit) goods or (often illegal) services. But what would you feel if your site redirected visitors to a political news site? This time we are talking about an attack that More Info »
Tag Archives: Redirects
WordPress Security – Unwanted Redirects via Infected JavaScript Files
We’ve been watching a specific WordPress infection for several months and would like to share details about it. The attacks inject malicious JavaScript code into almost every .js file it can find. Previous versions of this malware injected only jquery.js files, but now we remove this code from hundreds of infected files. Due to a More Info »
Joomla Security – Pornography Spam Campaign in the Wild
One of the worst experiences for a website owner is finding out that the search results for your site have turned into a pharmacy, a fashion outlet, or even a porn dump. Those unwanted keywords are a result of Search Engine Poisoning (SEP) attacks. This blackhat SEO technique is used by attackers to take advantage More Info »
JavaScript Injections Leads to Tech Support Scam
During a recent malware investigation, we found some interesting obfuscated Javascript code. This code pretends to appear as part of the popular AddThis social sharing plugin, using it in URL naming conventions and an image file. The malware ultimately redirects website visitors to node.additionsnp[.]top which hosts a tech support scam that can be dangerous to More Info »
Fake bb_press Plugin Redirects to Mobile Pornography
When a website is hacked, we often find that attackers have injected multiple backdoors, web shells, and malicious code that allows them to regain access if the original vulnerability is patched. This allows hackers to continue abusing the website and server resources. One of the techniques they use is to add fake extensions that perform More Info »
Spotlight: How a Social Media Expert Finds Website Security
With the new year upon us, it makes sense to reflect on how things have changed. Our Malware Research and Incident Response teams just published their latest report on trends in website security, and in the coming weeks we plan to write about the latest upgrades to the Sucuri dashboard. Looking back at our website More Info »
Website Malware Targets Mobile Platforms
Navigating the web on a mobile device can be tricky even when you’re browsing clean sites. If hackers are involved, the frustration of a pop-up can turn into the dangerous possibility of harmful mobile malware. The increase in mobile internet browsing has prompted attackers to adapt their techniques, targeting mobile-specific platforms and distributing spam and More Info »
How Scammers Abuse Baidu Search Results
If you use Skype, recently you may have received Baidu link spam from some of your contacts. The links look like this: www.baidu[.]com/link?url=_QIcrpeV-oOPb6HGTgigvW00e0fiBQyFjSui12FrARO#emubahyt= When you click these links you end up on fake news sites with articles about a new miracle medicine that may help you lose weight or double your IQ. Here are the typical headlines More Info »
Ask Sucuri: Can Your cPanel Page Be Maliciously Redirected?
Many webmasters may not be aware that hackers are able to maliciously redirect cPanel pages. The specific tactic we describe in this article is unique. Included are recommendations to prevent it, along with other suspicious issues, through logs kept on cPanel servers. A lot of websites owners already know about the .htaccess file (short for More Info »
Malicious Redirect Injected in Magento One Page Checkout
With the holiday season around the corner, ecommerce sites are very valuable to website owners and equally attractive to attackers. Hackers have been targeting Magento installations in order to steal sensitive information like credit card data or PayPal logins, but in this case, promote websites for their monetary gain. Being PCI compliant is becoming increasingly More Info »
