Collaborate Disseminate
Phishing attacks against targeted channels have been successful in the past, as explained last year on ZDNet. Recently, our Remediation team found an interesting phishing page following a similar pattern that was targeting YouTube creators.
Phishing B… Continue reading YouTube Account Recovery Phishing
When creating phishing lures, attackers may cite recent major regulatory changes within the context of their social engineering scheme to confuse or further entice victims into clicking a link or performing some action.
For example, in September 2019 … Continue reading Phishing Campaign Targets Poste Italiane & SMS OTP Verification
It goes without saying that evasive maneuvering is at the top of a hacker’s priority list. Most often, they try to evade detection by obfuscating their malicious code to make it unreadable to the naked eye.
In our recent post we demonstrated how… Continue reading Obfuscated WordPress Malware Dropper
A vulnerability in the discontinued WordPress theme OneTone has been added to an ongoing campaign that is targeting vulnerable WordPress websites and causes malicious redirects through domains like ischeck[.]xyz.
This specific wave uses the XSS vulner… Continue reading OneTone Vulnerability Leads to JavaScript Cookie Hijacking
One of our remediation analysts Eli Trevino recently discovered a phishing page informing victims about fake Netflix service disruptions, supposedly due to problems with the victim’s payment method.
The phishing page prompts victims to provide t… Continue reading 3-D Secure SMS-OTP Phishing
We were recently contacted by a website owner about some malicious injected spam links that were being indexed by Google’s search engine crawler Googlebot.
What was especially frustrating for the website owner was that these spammy links were no… Continue reading Abused Cloudflare Workers Service Used to Inject Korean SEO Spam
Our team recently found a malicious JavaScript injection within the WordPress index.php theme file on a compromised WordPress website which ultimately redirects site visitors to a survey-for-gifts scam website. At this time of writing, we have seen ov… Continue reading Malicious JavaScript Used in WP Site/Home URL Redirects
While we mostly see skimmers on Magento based websites, this does not mean that less-popular ecommerce platforms are safe from infections with similar payment information stealing malware.
We recently found a case on a lesser known open source ecommer… Continue reading Zen Cart “PayPal” Skimmer
In past posts, we’ve discussed the more popular reasons why hackers target smaller websites. Today, we’ll focus instead on how hackers use compromised websites to spread dangerous malware like Emotet to end user victims.
Emotet Threat
Firs… Continue reading How Websites Are Used to Spread Emotet Malware
Our Remediation team lead Ben Martin recently found a fake Google domain that is pretty convincing to the naked eye.
The malicious domain was abusing the URL shortener service is.gd: shortened URLs were being injected into the posts table of the clien… Continue reading Another Fake Google Domain: fonts.googlesapi.com