wss://hotjar[.]info skimmer

wss://hotjar[.]info skimmer
A twist on the old ‘analytics code’ camouflage used by some skimmers to evade detection.
Read more →

Darknet Myth? Murder-for-hire

Darknet Myth? Murder-for-hire
Believe it or not - some people actually think hitmen advertise their services on the darknet…and the media plays into it.
Read more →

WordPress Injection Exfiltrates Admin Login

WordPress Injection Exfiltrates Admin Login
wp-login.php injection silently exfiltrates a victim’s username and password back to the attacker’s server.
Read more →

Gel4y Mini Shell by Indonesian Darknet

Gel4y Mini Shell by Indonesian Darknet
Another PHP web shell that promises it can bypass ‘server security’.
Read more →

analiticsweb.site (zulhqmnr@netmail[.]tk) skimmer

analiticsweb.site (zulhqmnr@netmail[.]tk) skimmer
A JavaScript skimmer that loads from analiticsweb[.]site/analytics.js - and opsec failure leads to discovery of more malicious domains.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.