menu

Hidden Seo Spam Links

2020-09-01 :: Luke
#injector  #seo spam  #website malware  Hidden Seo Spam Links
Many times when a website has been injected with SEO spam the owner is unaware of it until they begin to receive warnings from search engines or blacklists. This is by design as the attacker arranges the display of the website so that the links are not going to be visible by average human traffic. No SEO spam visible to human traffic, but it exists out of sight. One way to do this is to use design elements to “push” the injected SEO spam links off the visible portion of the website.
Read more →

Magento JS Skimmer Hidden in CSS Request to Malicious Domain

2020-08-18 :: Luke
#amastybootstrap  #JavaScript  #skimmer  #magento  #ecommerce  #website malware  Magento JS Skimmer Hidden in CSS Request to Malicious Domain
It’s important to an attacker for a skimmer to remain undetected for as long as possible, so they do research and use various techniques to make the request that loads the skimmer look innocuous.
Read more →

wp_uploader.php: Simple and Effective Uploader

2020-08-16 :: Luke
#backdoor  #PHP  #website malware  wp_uploader.php: Simple and Effective Uploader
It takes less than 100 characters of PHP code to create an uploader that can be placed on a compromised website to act as a backdoor.
Read more →

DarkClownSecurity Web Shell

2020-08-13 :: Luke
#backdoor  #evasion  #website malware  DarkClownSecurity Web Shell
How a PHP web shell uses basic functions like tempname, require, and urldecode to remain lowkey.
Read more →

Prestashop Backdoor - SuperAdmin Injector

2020-08-10 :: Luke
#admin user creator  #backdoor  #ecommerce  #prestashop  #PHP  #website malware  Prestashop Backdoor - SuperAdmin Injector
A malware injection used to automatically inject a SuperAdmin user into the Prestashop _employees database table.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.