When we think about website malware, visible infection symptoms most often come to mind: unwanted ads or pop-ups, redirects to third party sites, or spam keywords in search results. However, in some cases these very symptoms are the results of Continue reading Demystifying Website Hacktools: Types, Threats, and Detection
Welcome to the world of keyloggers, where every keystroke you make may be watched, recorded, and potentially used against you! Now that we’ve got your attention, let’s dive into the somewhat unsettling realm of these sneaky little digital spies. In Continue reading What Is a Keylogger?
On May 11th, 2023, the very popular WordPress plugin Essential Addons for Elementor released a patch for a critical privilege escalation vulnerability, initially discovered by PatchStack. The technical details of this vulnerability can be found on their recent blog post. Continue reading Vulnerability in Essential Addons for Elementor Leads to Mass Infection
It’s not often that we get the opportunity to write about website defacements on this blog. Defacements — where a website homepage is replaced with a hacker logo or some sort of political or religious message — are usually fairly Continue reading Websites Defaced with Belarusian Bottled Water Company Content
In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish scripts into compromised WordPress sites. A bit later, we documented minor changes in the way Continue reading Xjquery Wave of WordPress SocGholish Injections
As a child, I loved sending secret messages to my friends using invisible ink. A quick squeeze of lemon juice was all I needed to jot down my secret message. When combined with a simple heat source (I used the Continue reading What is Steganography? (Or, How Hackers Hide Malware On Websites)
Attackers are always finding new and creative ways to compromise websites and maintain their foothold in environments. This is frequently done via the use of backdoors: PHP scripts designed to allow attackers access and control even after you’ve changed your Continue reading Massive Abuse of an Abandoned Eval PHP WordPress Plugin
Our team at Sucuri has been tracking a massive WordPress infection campaign since 2017 — but up until recently never bothered to give it a proper name. Typically, we refer to it as an ongoing long lasting massive WordPress infection Continue reading Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign
Education is crucial in defending your website against emerging threats. That’s why we are thrilled to share our 2022 Website Threat Research Report. Disseminating this information to the community helps educate website owners about the latest trends and threats. This Continue reading Hacked Website Threat Report – 2022
Finding bogus content and unexpected links for prescription drugs on your WordPress website can be a frustrating experience. But don’t blame your site: it just got caught up in a bad crowd of black hat SEO spammers and fell victim Continue reading How to Find & Fix: WordPress Pharma Hack
Defacement is easily one the most obvious signs of a hacked website. In these attacks, bad actors gain unauthorized access to an environment and leave their mark through digital vandalism, altering its visual appearance or content in the process. In Continue reading What is a Website Defacement?
We recently had a new client come to us with a rather peculiar issue on their WordPress website: They were receiving unwanted popup advertisements but only when the website was accessed through links posted on FaceBook. Initially we thought that Continue reading Magbo Spam Injection Encoded with hex2bin
Symptoms of a hack can vary wildly. A concerning security alert from Google, a browser warning when you visit your site, or even a notice from your hosting provider that they’ve taken down your website — all of these events Continue reading Is My Site Hacked? (13 Signs)
Malicious cron jobs are nothing new; we’ve seen attackers use them quite frequently to reinfect websites. However, in recent months we’ve noticed a distinctive new wave of these infections that appears to be closely related to this article about a Continue reading Attackers Abuse Cron Jobs to Reinfect Websites
Nulled WordPress themes and plugins are a controversial topic for many in the web development world — and arguably one of the bigger threats to WordPress security. Essentially modified versions of official WordPress themes and plugins with their licensing restrictions Continue reading The Dangers of Installing Nulled WordPress Themes and Plugins
Late last year we reported on a malware campaign targeting thousands of WordPress websites to redirect visitors to bogus Q&A websites. The sites themselves contained very little useful information to a regular visitor, but — more importantly — also contained Continue reading Bogus URL Shorteners Redirect Thousands of Hacked Sites in AdSense Fraud Campaign
Your website’s search results and rankings are vital to the success of your online business. Better search visibility equates to more traffic — which results in more opportunities to convert leads into customers. And while it may be tempting to Continue reading What is Black Hat SEO?
Attackers are always looking for new ways to conceal their malware and evade detection, whether it’s through new forms of obfuscation, concatenation, or — in this case — unorthodox use of image file extensions. One of the most common backdoors Continue reading Konami Code Backdoor Concealed in Image
Did you just try to access your site and encounter a Deceptive Site Ahead warning? This error message occurs when the browser believes your website is unsafe and experiencing security issues — and it can seriously affect your traffic and Continue reading How to Fix the “Deceptive Site Ahead” Warning
Every so often attackers register a new domain to host their malware. In many cases, these new domains are associated with specific malware campaigns, often related to redirecting legitimate website traffic to third party sites of their choosing — including Continue reading Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network