The attack is simple: when browsing an infected website, the user receives a notification that insists they must download a file to continue to access the content. What they don’t know is that the file is actually a Remote Access Continue reading New Malware Variants Serve Bogus CloudFlare DDoS Captcha
All software has bugs — but some bugs can lead to serious security vulnerabilities that can impact your website and traffic. Vulnerabilities can be especially dangerous when your software is running over the web, since anyone can reach out and Continue reading A Guide to Virtual Patching for Website Vulnerabilities
Magento store owners using the popular FishPig extensions should be wary of a recent supply chain attack which compromised their software repository. FishPig released a detailed security announcement on September 13th, 2022. The attack is estimated to have occurred on Continue reading Magento Supply Chain Attack Targets Extension Developer FishPig
When a website is hacked symptoms can sometimes include unexpected, unfamiliar and strangely located favicon or .ico files. Other symptoms might include: ”This site may be hacked” warnings ShareTweetSharePostSharePin It!
It’s not uncommon for users to experience “DDoS Protection” pages when casually browsing the web. These DDoS protection pages are typically associated with browser checks performed by WAF/CDN services which verify if the site visitor is, in fact, a human Continue reading Fake DDoS Pages On WordPress Sites Lead to Drive-By-Downloads
Earlier this June, we shared information about the ongoing NDSW/NDSX malware campaign which has been one of the most common website infections detected and cleaned by our remediation team in the last few years. This NDSW/NDSX malware — also referred Continue reading SocGholish: 5+ Years of Massive Website Infections
WebAssembly (also referred to as Wasm) is a binary instruction format that runs in the browser to enable high-performance applications on web pages and can be executed much faster than traditional JavaScript. WebAssembly can be executed in a variety of Continue reading Cryptominers & WebAssembly in Website Malware
PrestaShop is a popular freemium open source e-commerce platform used by hundreds of thousands of webmasters to sell products and services to website visitors. While PrestaShop’s CMS market share is only 0.8%, it should still come as no surprise that Continue reading PrestaShop Skimmer Concealed in One Page Checkout Module
There’s no one specific topic or target or audience when it comes to website security. But when you clean enough hacked websites, you start to see trends and techniques emerge in the landscape. In my last presentation at WordCamp Europe, Continue reading Security Lessons Learned from 2021
Conducting an external website scan for indicators of compromise is one of the easiest ways to identify security issues. While remote scanners may not provide as comprehensive of a scan as server-side scanners, they allow users to instantly identify malicious Continue reading SiteCheck Malware Trends Report – Q2 2022
WordPress security is serious business – and an essential consideration for anyone using the world’s most popular CMS (Content Management System). While the WordPress team quickly addresses known security issues in WordPress’ core to protect the millions of website owners Continue reading Top 5 Most Common WordPress Malware Infections: An Anatomy Lesson
The AnonymousFox hack targets insecure websites and actively exploits them to spread phishing, spam, and other malware. A major nuisance for website owners, it also happens to be one of the more prevalent types of malware seen on client sites Continue reading How to Find & Clean Up the AnonymousFox Hack
The threat landscape is constantly shifting. As attackers continue to hone their tools and exploit new vulnerabilities, our team works diligently to identify and analyze threats posed to webmasters. So – what do you need to do to stay one Continue reading 2021 Threat Report Webinar
E-commerce websites are valuable targets for attackers. Bad actors often leverage creative techniques to conceal their credit card stealers and gather sensitive credit card information from online storefronts. A recent investigation for a compromised Magento website revealed a rather interesting Continue reading It Takes 2 Seconds of Silence to Skim a Credit Card
Recently, Avast’s researchers Pavel Novák and Jan Rubín posted a detailed writeup about the “Parrot TDS” campaign involving more than 16,500 infected websites. Such massive infections don’t go unnoticed by Sucuri and we immediately recognized that the infection in their Continue reading Analysis of the Massive NDSW/NDSX Malware Campaign
Magento’s payment provider gateway offers functionalities for site owners to integrate stores with payment service providers. This handy feature lets a website create and handle transactions based on order details and allows for out-of-the-box integrations with payment service providers like Continue reading Credit Card Stealer Targets PsiGate Payment Gateway Software
Our lead security analyst Liam Smith recently worked on an infected X-Cart website and found two interesting credit card stealers there — one skimmer located server-side, the other client-side. X-Cart’s e-commerce platform is not nearly as popular as Magento or Continue reading X-Cart Skimmer with DOM-based Obfuscation
Our remediation and research teams regularly find malicious redirects on client sites. These infections automatically redirect site visitors to third-party websites with malicious resources, scam pages, or commercial websites with the intention of generating illegitimate traffic. As outlined in our Continue reading Massive WordPress JavaScript Injection Campaign Redirects to Ads
During a recent investigation, a new client came to us reporting that their antivirus had detected a suspicious domain loading on their website’s checkout page. We regularly receive reports like these, as this is a telltale indicator of a credit Continue reading Manually Identifying an X-Cart Credit Card Skimmer