Outdated Duplicator Plugin RCE Abused

We’re seeing an increase in the number of cases where attackers are disabling WordPress sites by removing or rewriting its wp-config.php file.
These cases are all linked to the same vulnerable software: WordPress Duplicator Plugin.

Ve… Continue reading Outdated Duplicator Plugin RCE Abused

Massive WordPress Redirect Campaign Targets Vulnerable tagDiv Themes and Ultimate Member Plugins

This August, we’ve seen a new massive wave of WordPress infections that redirect visitors to unwanted sites.
When redirected, users see annoying pages with random utroro[.]com addresses and fake reCAPTCHA images. The messages and content try to … Continue reading Massive WordPress Redirect Campaign Targets Vulnerable tagDiv Themes and Ultimate Member Plugins

Ask Sucuri: How Do You Find Website Backdoors?

In a previous post, we have explained what website backdoors are and what they look like. Today, we want to focus on ways that we identify and remove backdoors to prevent reinfection.
Techniques to Find Backdoors
Finding a website backdoor is not an e… Continue reading Ask Sucuri: How Do You Find Website Backdoors?

Magento Credit Card Stealer Reinfector

In the past few months, we have frequently seen how attackers are infecting Magento installations to scrape confidential information such as credit cards, logins, and PayPal credentials. That is why we have reported on a credit card stealer reinf… Continue reading Magento Credit Card Stealer Reinfector

A Puzzling Backdoor Upload

After a successful compromise, backdoors are frequently left behind and function as a point of re-entry into the website environment. These malicious pieces of code are a valuable tool for attackers and allow them to bypass any existing access control… Continue reading A Puzzling Backdoor Upload

Hacked Website Trend Report – 2017

We are proud to be releasing our latest Hacked Website Trend Report for 2017.
This report is based on data collected and analyzed by the Sucuri Remediation Group (RG), which includes the Incident Response Team (IRT) and the Malware Research Team (MRT)… Continue reading Hacked Website Trend Report – 2017

Formidable Forms / Shortcodes Ultimate Exploits In The Wild

On Monday, November 20th, we were notified about a vulnerability that poses a serious security risk when the Shortcodes Ultimate and Formidable Forms plugins are used together on a single WordPress installation.
Over the past couple of weeks, we&#8217… Continue reading Formidable Forms / Shortcodes Ultimate Exploits In The Wild