Tag: User-Agent

  • Unwanted “Shorte St” Ads in Unpatched Newspaper Theme

    Unwanted “Shorte St” Ads in Unpatched Newspaper Theme

    Unwanted ads are one of the most common problems that site owners ask us to solve. Recently, we’ve noticed quite a few requests to remove intrusive “shorte st” ads that they never installed on their sites themselves. My colleague Denis Sinegubko of UnmaskParasites helped to investigate this case. Shorte[.]st is a service that hijacks links, […]

  • Fake bb_press Plugin Redirects to Mobile Pornography

    Fake bb_press Plugin Redirects to Mobile Pornography

    When a website is hacked, we often find that attackers have injected multiple backdoors, web shells, and malicious code that allows them to regain access if the original vulnerability is patched. This allows hackers to continue abusing the website and server resources. One of the techniques they use is to add fake extensions that perform…

  • JavaScript Injections Leads to Tech Support Scam

    JavaScript Injections Leads to Tech Support Scam

    During a recent malware investigation, we found some interesting obfuscated Javascript code. This code pretends to appear as part of the popular AddThis social sharing plugin, using it in URL naming conventions and an image file. The malware ultimately redirects website visitors to node.additionsnp[.]top which hosts a tech support scam that can be dangerous to…

  • Malicious Subdirectories Strike Again

    Malicious Subdirectories Strike Again

    In a previous post, we illustrated how attackers were fetching information from compromised sites under their control to display spam content on other hacked websites. By adding malicious files into a directory and using the victim’s database structure, attackers were able to inject ads and promote their products. This time, attackers used a similar technique…