menu

Mass WP Infection: trainresistor.cc

2021-12-13 :: Luke
#trainresistor.cc  #_0x4165  #WordPress  #JavaScript  #website malware  Mass WP Infection: trainresistor.cc
A large attack campaign that has been targeting vulnerable WordPress websites and using JavaScript injections to redirect victims to scams or malicious URLs.
Read more →

Magento PHP One-Liner Backdoor

2021-12-09 :: Luke
#3bcea1436b9096a7c71182b7fa07ca1d  #backdoor  #one liner  #ecommerce  #PHP  #website malware  Magento PHP One-Liner Backdoor
Analysis of a PHP one-liner found injected on Magento ecommerce websites and learn how it is used by attackers.
Read more →

.wtf() Skimmer Still Targeting WooCommerce Websites

2021-11-30 :: Luke
#convert-server.com  #JavaScript  #skimmer  #WordPress  #WooCommerce  #ecommerce  #website malware  .wtf() Skimmer Still Targeting WooCommerce Websites
Almost identical to the one from back in March 2021 except this uses convert-server.com as the exfiltration domain.
Read more →

N26 Bank Phishing Kit & Panel Sends Custom Push Notifications

2021-11-13 :: Luke
#N26.com  #S4LIM  #uDashboard  #CVV  #real-time  #phishing  #fraud  #PHP  #website malware  N26 Bank Phishing Kit & Panel Sends Custom Push Notifications
A phishing kit targeting the German bank N26.com and exfiltrating the stolen data to a third party hosted phishing panel which in turn immediately sends a push notification to the attacker.
Read more →

Shopify Phishing Kit

2021-11-01 :: Luke
#Shopify  #zazzy  #phishing  #fraud  #PHP  #website malware  Shopify Phishing Kit
Shopify phishing kit by zazzy.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.