Tag Archives: Website Hacked

Website Hacked Trend Report – 2016/Q1

Our Remediation group is comprised of two distinct teams, the Incident Response Team (IRT) and Malware Research Team (MRT). These teams work closely with our customers in an effort to identify and remove website infections to include malware, SEO spam and a number of other malicious actions attackers take once successfully penetrating a websites defenses.Read More Info »

Ask Sucuri: How Does Sucuri Clean a Website?

Question: How does Sucuri clean hacked websites? What is the process? We clean a lot of websites, ~ 400 / 500, daily during our normal load. To understand how we do it, you have to understand where it all comes from. The biggest challenge with providing incident response services (remediation) on compromised websites is that a majorityRead More Info »

Ransomware Strikes Websites

Ransomware is one of the most insidious types of malware that one can come across. These infections will encrypt all files on the target computer as well as any hard drives connected to the machine – pictures, videos, text files – you name it. This means that all of your files are locked. The attackersRead More Info »

Redirect to Microsoft Word Macro Virus

These days we rarely see Microsoft Word malware on websites, but it still exists and compromised websites can distribute this kind of malware as well. It’s not just email attachments when it comes to sharing infected documents. For example, this malicious file was found on a hacked Joomla site by our analyst Krasimir Konov. This scriptRead More Info »

.htaccess Tricks in Global.asa Files

As you might know a lot of hacks use Apache configuration .htaccess files to override default web site behavior: add conditional redirects, create virtual paths (e.g mod_rewrite), auto-append code to PHP scripts, etc. In the world of IIS/ASP there is also an equivalent — Global.asa files. This file contains common declarations for all ASP scripts andRead More Info »

Hacked Websites Redirect to Bitcoin.org

Recently, we began to notice that some hacked websites were redirecting traffic from certain browsers to the BitCoin site, bitcoin.org. What’s going on? Is Bitcoin using black hat SEO? Is their site malicious? As you can see, the hacked website doesn’t redirect to bitcoin.org directly. It first redirects to “194 .6 .233 .7/mxjbb . cgi?default“, whichRead More Info »