Cookie Consent Script Used to Distribute Malware

Cookie Consent Script Used to Distribute Malware

Most websites today use cookies. Since May 25th, 2018, all websites that do business in the European Union (EU) had to make some changes to be compliant with the EU General Data Protection Regulation (GDPR). Even though cookie usage is mentioned only once in GDPR, any organization utilizing them to ... Read More
Switching to HTTPS Before It’s Too Late

Switching to HTTPS Before It’s Too Late

Google, Mozilla, and other web authorities are pushing for website owners to adopt HTTPS. Soon, Google Chrome will start flagging sites by displaying a warning that the site is “Not secure“. Chrome 68 is already in Beta. Before long, everyone will be able to update their browsers to Chrome 68 ... Read More

Why You Should Care about Website Security on Your Small Site

Most people assume that if their website has been compromised, there must have been an attacker evaluating their site and looking for a specific vulnerability to hack. Under most circumstances however, bad actors don’t manually hand-pick websites to attack since it’s a tedious and time consuming process. Instead, they rely ... Read More
Analysis of a Malicious Blackhat SEO Script

Analysis of a Malicious Blackhat SEO Script

An enormous number of SEO spam infections are handled by us here at Sucuri. In our most recent hacked website trend report, we analyzed over 34,000+ websites and identified that 44% of all website infection cases were misused for SEO spam campaigns. Once a website has been compromised, attackers often ... Read More
Malware Serving SEO Spam from External Sites

Malware Serving SEO Spam from External Sites

We handle an enormous number of SEO spam infections here at Sucuri. In Q3 of 2016, approximately 37% of all website infection cases were related to SEO spam campaigns through PHP, database injections or .htaccess redirects. An SEO spam infection can be devastating to a website’s credibility and reputation. Many ... Read More
Credit Card Stealer Investigation Uncovers Malware Ring

Credit Card Stealer Investigation Uncovers Malware Ring

During a recent investigation, I found a new piece of malicious code being used to steal credit card information from compromised Magento sites. What I didn’t know was how many domains would be uncovered as part of the malware campaign. Each of the malicious domain names was specifically chosen to ... Read More
Expired Domain Leads to WordPress Plugin Redirects

Expired Domain Leads to WordPress Plugin Redirects

A malicious redirect is a snippet of code used by attackers with the intention of redirecting visitors to another site; a very common tactic seen in compromised websites. These redirects often take visitors to phishing, malware, or advertising sites with the intention of capturing sensitive user data, distributing malware and ... Read More