Conditional Malware
Backdoor Shell Dropper Deploys CMS-Specific Malware
A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized access to the site and execute whatever commands they want. Another common ...
Fake WordPress Plugin SiteSpeed Serves Malicious Ads & Backdoors
Fake WordPress plugins appear to be trending as an effective way of establishing a foothold on compromised websites. During a recent investigation, we discovered a fake component which was masquerading as a ...
Phishing Campaign Targets Poste Italiane & SMS OTP Verification
When creating phishing lures, attackers may cite recent major regulatory changes within the context of their social engineering scheme to confuse or further entice victims into clicking a link or performing some ...
Obfuscated WordPress Malware Dropper
It goes without saying that evasive maneuvering is at the top of a hacker’s priority list. Most often, they try to evade detection by obfuscating their malicious code to make it unreadable ...
Assemble the Cookies
When we investigate compromised websites, it’s not unusual to find malicious files that have been obfuscated through forms of encoding or encryption — however, these are not the only methods that attackers ...
Abused Cloudflare Workers Service Used to Inject Korean SEO Spam
We were recently contacted by a website owner about some malicious injected spam links that were being indexed by Google’s search engine crawler Googlebot. What was especially frustrating for the website owner ...
Hacked Website Threat Report – 2019
The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities to massively ...
Fake French Police Sextortion Scam
There has been a noted increase in the number of sextortion scams during 2019. These scam campaigns are commonly distributed through email, but any method of digital communication can be used to ...
Hacked Website Trend Report – 2018
We are proud to be releasing our latest Hacked Website Trend Report for 2018. This report is based on data collected and analyzed by the GoDaddy Security / Sucuri team, which includes ...
Fake Browser Updates Push Ransomware and Bank Malware
Recently we came across a malicious campaign injecting scripts that push fake browser updates onto site visitors. This is what a typical fake update request looks like: Users see a message box ...
