This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting scripts from scripts.trasnaltemyrecords[.]com into multiple files and database tables. This is still the same ongoing…
We regularly clean all sorts of black hat SEO infections. During these infection cleanups, we often find compromised websites redirecting visitors to fake “Canadian Pharmacy” landing pages selling counterfeit men’s health pills from various .su and .eu top level domains.…
There has been a noted increase in the number of sextortion scams during 2019. These scam campaigns are commonly distributed through email, but any method of digital communication can be used to deliver the blackmail threat to the victim. Blackmail…
It’s common for malware to be encoded to hide itself—or its true intentions—but have you ever given thought to what lengths attackers will go to hide their malicious code? In our first post in this series, we’ll describe how bad…
Once an attacker manages to hack and gain access to a target site or system, they typically work hard to maintain their access—as long as it can to help them achieve their goals. You can think of it like having…
In the past four months, Sucuri has seen an increase in the number of plugins affected by the misuse of WordPress’ update_option() function. This function is used to update a named option/value in the options database table. If developers do…
Before we get into the details of “Cryptocurrency Mining Malware”, we need to understand first what cryptocurrency is and what miners are. What is Cryptocurrency? Cryptocurrency is best thought of as digital currency and it only exists on computers. It…
These days, we consider a malware campaign massive if it affects a couple thousand websites. However, back in the day when Sucuri first started its operations, the scale of infections was significantly larger — and it was quite typical to…