Last week we described the hack that randomly redirected site visitors either to a parked test0 .com domain or to malicious sites via the default7 .com domain. … [Read more...]
WordPress Redirect Hack via Test0.com/Default7.com
We’ve been working on a few WordPress sites with the same infection that randomly redirects visitors to malicious sites via the default7 .com / test0 .com / … [Read more...]
Website Ransomware – CTB-Locker Goes Blockchain
During the last couple of years, website ransomware has become one of the most actively developing types of malware. After infamous fake anti-viruses, this it … [Read more...]
Website Malware – Evolution of Pseudo Darkleech
Last March we described a WordPress attack that was responsible for hidden iframe injections that resembled Darkleech injections: declarations of styles with … [Read more...]
vBulletin Exploits in the Wild
**Update: CheckPoint disclosed more details here: Check Point Discovers Critical vBulletin 0-Day. The vBulletin team patched a serious object injection … [Read more...]
WordPress Malware – VisitorTracker Campaign Update
For the last 3 weeks we have been tracking a malware campaign that has been compromising thousands of WordPress sites with the VisitorTracker malware code. We … [Read more...]
.htaccess Tricks in Global.asa Files
As you might know a lot of hacks use Apache configuration .htaccess files to override default web site behavior: add conditional redirects, create virtual paths … [Read more...]
Website Malware – The SWF iFrame Injector Evolves
Last year, we released a post about a malware injector found in an Adobe Flash (.SWF) file. In that post, we showed how a .SWF file is used to inject an … [Read more...]
WordPress Malware Causes Psuedo-Darkleech Infection
Source: The National Archives (UK) Darkleech is a nasty malware infection that infects web servers at the root level. It use malicious Apache modules to add … [Read more...]
Inverted WordPress Trojan
Trojan (or trojan horse) is software that does (or pretends to be doing) something useful but also contains a secret malicious payload that inconspicuously does … [Read more...]