Categories
Security

Backdoor Uses Paste Site to Host Payload

Finding backdoors is one of the biggest challenges for a website security analyst, as backdoors are designed to stay hidden in case the malware is found and removed.

Website Backdoors

A backdoor is a piece of malware that attackers leave behind so they can get back into a website. Hackers like to inject code into different locations to increase their chances of retaining control of the website so they can reinfect it continuously.

Continue reading Backdoor Uses Paste Site to Host Payload at Sucuri Blog.

Google and Facebook Used in Phishing Campaigns

We’ve all seen sketchy-looking emails or texts with malicious links to click on. There are still people who fall for these more obvious types of scams. However, phishing messages are designed to be deceiving: they use methods that appear valid or urgent, encouraging their victims to hand over their data.

Phishing Campaigns

Phishing attempts happen in many ways, such as:

  • deceptive email campaigns,
  • suspicious SMS alerts (called smishing),
  • fake websites designed to look and sound authentic, and more.

Continue reading Google and Facebook Used in Phishing Campaigns at Sucuri Blog.

Unwanted Ads via Baidu Links

The malware attack that began as an installation of malicious Injectbody/Injectscr WordPress plugins back in February has evolved since then.

Some of the changes were documented as Updates at the bottom of the original blog post. However, every week we see minor modifications in the way they obfuscate the scripts or the files they inject them into.

Encrypted WordPress JavaScript Files

At this moment, the most common injection targets are core WordPress JavaScript files:

wp-includes/js/jquery/jquery-migrate.min.js
wp-includes/js/jquery/jquery.js
wp-includes/js/wp-embed.min.js

Hackers add the malicious code and then obfuscate the entire file contents, including the original legitimate code, so that the only way to clean the files without breaking the site functionality is to replace them with their original clean copies.

Continue reading Unwanted Ads via Baidu Links at Sucuri Blog.

New WordPress Security Guide

WordPress has become the most popular CMS and now powers over 28% of the web. With over 60 million downloads, its popularity makes it a prime target for malicious hackers that are looking for vulnerabilities to exploit. If an attacker is able to gain unauthorized access into an insecure website, they can leverage valuable resources for malware or spam campaigns, harming a website’s visitors and reputation.

Our new guide is intended to educate WordPress administrators on basic security techniques and steps to help improve their security posture.

Continue reading New WordPress Security Guide at Sucuri Blog.