Why is Your Website a Target? The SEO Value of a Website

Why is Your Website a Target? The SEO Value of a Website

Website security is what we eat, sleep, and breathe. It’s what we do best because we deal with hacked websites every single day, thousands of them. Among the various types and evolution ...
Cryptomining Dropper and Cronjob Creator

Cryptomining Dropper and Cronjob Creator

Recently, someone reached out to us about a malicious process they had discovered running on their web server. This process was maxing out the CPU, which is not unusual when a cryptominer ...
Lightbox Adware – From Innocent Scripts to Malicious Redirects

Lightbox Adware – From Innocent Scripts to Malicious Redirects

It’s no news that webmasters commonly make use of external scripts to add more features to their site, but things can turn out for the worse quite easily. What if other scripts ...
Korean Gambling and Call Girl Spam on Hacked and Non-hacked Sites

Korean Gambling and Call Girl Spam on Hacked and Non-hacked Sites

This blog post talks about how a web spam campaign that targets only one country may create problems for sites owners around the world — even if their site is not hacked ...
Closed Source E-commerce Platforms Can Be Compromised

Closed Source E-commerce Platforms Can Be Compromised

These days, the majority of store owners opt-in for the easiest closed-source ecommerce platform options. For the most part, these platforms typically allow users to customize a template, as well as add ...
PHP Backdoor Evaluates XOR Encrypted Requests

PHP Backdoor Evaluates XOR Encrypted Requests

In the past, we’ve mentioned how the PHP XOR bitwise operator (represented by the caret ^) can be used to encrypt a malware’s source code. This operator makes it more difficult to ...
W97M/Downloader Malware Dropper Served from Compromised Websites

W97M/Downloader Malware Dropper Served from Compromised Websites

W97M/Downloader is part of a large banking malware operation that peaked in March 2016. Bad actors have been distributing this campaign for well over a year, which serves as a doorway to ...
Replica Spam on Poorly Maintained ASP Site

Replica Spam on Poorly Maintained ASP Site

Although the majority of sites we work on are powered by PHP, we still have clients whose sites use other programming languages. The other day we cleaned an ASP site where we ...
Cronjob Backdoors

Cronjob Backdoors

Attackers commonly rely on backdoors to easily gain reentry and maintain control over a website. They also use PHP functions to further deepen the level of their backdoors. A good example of ...
How Stolen Ecommerce Data is Sold on the Darknet

How Stolen Ecommerce Data is Sold on the Darknet

We have recently published posts regarding banking malware and some of the ways it uses compromised websites to infect victim’s devices (smartphones, computers, POS terminals). Now let us look into some of ...
Loading...