Tag: Drupal Security

  • RawGit CDN is Abused by CryptoLoot Cryptominers

    RawGit CDN is Abused by CryptoLoot Cryptominers

    Recently, we came across another way to use files from GitHub repositories in malware infections. This time the infections weren’t via GitHub.io, raw.githubusercontent.com, or github.com///raw/ URLs. The new trick involved a third-party service called RawGit that provides a CDN for GitHub files. This is the script that we found injected into .js and theme files…

  • CoinImp Cryptominer and Fully Qualified Domain Names

    CoinImp Cryptominer and Fully Qualified Domain Names

    We are all familiar with the conventional domain name notation, where different levels are concatenated with the full stop character (period). E.g. “www.example.com”, where “www” is a subdomain, “example” is a second level domain, and “com” is a top level domain. However, very few know that there is also a DNS root domain and it…

  • New Guide on How to Clean a Hacked Website

    New Guide on How to Clean a Hacked Website

    Our mission at Sucuri is to make the internet a safer place and that entails cleaning up hacked websites. We have teams who actively research website vulnerabilities and who are eager to share with you some tips on how to clean your hacked website. We are happy to help the community learn the steps they…

  • Cryptominers on Hacked Sites – Part 2

    Cryptominers on Hacked Sites – Part 2

    Last month we wrote about how the emergence of website cryptocurrency miners resulted in hackers abusing the technology by injecting the CoinHive miners into compromised sites without the consent of the website owners. We reviewed two types of infections that affected WordPress and Magento sites, and have been monitoring the malicious use of the CoinHive…