Two weeks ago we discussed a new development in website hacks: Web3 crypto wallet drainers. We’ve been closely following the most significant variant which injects drainers using the external cachingjs/turboturbo.js script. Our SiteCheck website scanner has already detected this version Continue reading From Web3 Drainer to Distributed WordPress Brute Force Attack
Our story starts like many others told on this blog: A new client came to us with reported cases of credit card theft on their eCommerce website. The website owner had received complaints from several customers who reported bogus transactions Continue reading WooCommerce Credit Card Skimmer Uses Telegram Bot to Exfiltrate Stolen Data
WordPress’ massive market share has come with an unsurprising side effect: As more and more site admins turn to popular plugins like WooCommerce to turn a profit on their website and set up online stores we’ve seen a significant increase Continue reading Smilodon Credit Card Skimming Malware Shifts to WordPress