A Puzzling Backdoor Upload

After a successful compromise, backdoors are frequently left behind and function as a point of re-entry into the website environment. These malicious pieces of code are a valuable tool for attackers and allow them to bypass any existing access control…

From Baidu to Google’s Open Redirects

Last week, we described how an ongoing massive malware campaign began using Baidu search result links to redirect people to various ad and scam pages.
It didn’t last long. Soon after the publication of that article, the bad actors changed the li…

Obfuscation Through Legitimate Appearances

Recently, I analyzed a malware sample provided by our analyst Edward C. Woelke and noticed that it had been placed in a core WordPress folder. This seemed suspicious, since no such core WP file exists: ./wp-includes/init.php
Deceiving Appearan…

Malicious Website Cryptominers from GitHub. Part 2.

Recently we wrote about how GitHub/GitHub.io was used in attacks that injected cryptocurrency miners into compromised websites. Around the same time, we noticed another attack that also used GitHub for serving malicious code.
Encrypted CoinHive Miner …

Cloudflare[.]Solutions Keylogger on Thousands of Infected WordPress Sites

A few weeks ago, we wrote about a massive WordPress infection that injected an obfuscated script pretending to be jQuery and Google Analytics. In reality, this script loaded a CoinHive cryptocurrency miner from a third-party server.
We also menti…

Cryptominers on Hacked Sites – Part 2

Last month we wrote about how the emergence of website cryptocurrency miners resulted in hackers abusing the technology by injecting the CoinHive miners into compromised sites without the consent of the website owners.

We reviewed two types of infections that affected WordPress and Magento sites, and have been monitoring the malicious use of the CoinHive cryptominer. What we are discovering is that there are more and more attacks in the wild using cryptominers, and they affect all major CMS platforms.

Continue reading Cryptominers on Hacked Sites – Part 2 at Sucuri Blog.

The post Cryptominers on Hacked Sites – Part 2 appeared first on Security Boulevard.
