How Stolen Ecommerce Data is Sold on the Darknet

How Stolen Ecommerce Data is Sold on the Darknet

We have recently published posts regarding banking malware and some of the ways it uses compromised websites to infect victim’s devices (smartphones, computers, POS terminals). Now let us look into some of the methods that cybercriminals use to monetize stolen information like bank accounts, credit cards, and personal information. Infected ... Read More
Reset Email Account Passwords After a Website Malware Infection

Reset Email Account Passwords After a Website Malware Infection

It’s not uncommon for bad actors to use compromised websites to send large amounts of email spam. This can cause major headaches for website owners — spam can lead to the blacklisting of a web host’s mail server IPs, or the domain name itself may be placed on blacklists like ... Read More
Malware Campaigns Sharing Network Resources: r00ts.ninja

Malware Campaigns Sharing Network Resources: r00ts.ninja

We recently noticed an interesting example of network infrastructure resources being used over a period of time by more than one large scale malware campaign (e.g redirected traffic, cryptomining). This was discovered when reviewing sources of the various malicious domains used in a recent WordPress plugin exploit wave. Mass Infection ... Read More
Hackers Use Fake Google reCAPTCHA to Cloak Banking Malware

Hackers Use Fake Google reCAPTCHA to Cloak Banking Malware

The most effective phishing and malware campaigns usually employ one of the following two age-old social engineering techniques: Impersonation These online phishing campaigns impersonate a popular brand or product through specially crafted emails, SMS, or social media networks. These campaigns employ various methods including email spoofing, fake or real employee ... Read More
Unsuccessfully Defaced Websites

Unsuccessfully Defaced Websites

Defaced websites are a type of hack that is easy to notice and a pain for website owners. Recently, we came across some defacement pages with a peculiar JavaScript injection included in the source code. What is a Defacement? Website defacement is a hack that often involves adding malicious images ... Read More
An Old Trick with a New Twist: Cryptomining Through Disguised URL Shorteners

An Old Trick with a New Twist: Cryptomining Through Disguised URL Shorteners

As we have previously discussed on this blog, surreptitious cryptomining continues to be a problem as new methods emerge to both evade and hasten the ease of mining at the expense of system administrators, website owners, and their visitors. Another Way Hackers are Tricking Website Visitors into Stealth Cryptomining The ... Read More