menu

Spoofed 404s

2021-07-12 :: Luke
#http_response_code  #404  #evasion  #fake  #PHP  #website malware  Spoofed 404s
Should you trust the HTTP response code when analyzing access logs for suspicious traffic?
Read more →

MAGECART GROUP 12: toolser.pw skimmer

2021-06-28 :: Luke
#MAGECART GROUP 12  #toolser.pw  #pathc.space  #skimmer  #ecommerce  #magento  #PHP  #website malware  MAGECART GROUP 12: toolser.pw skimmer
This PHP code injection is used to selectively inject the JavaScript skimmer that is loaded from toolser.pw (recently had been using pathc.space).
Read more →

wss://hotjar[.]info skimmer

2021-06-13 :: Luke
#hotjar.info  #wss  #skimmer  #ecommerce  #magento  #JavaScript  #website malware  wss://hotjar[.]info skimmer
A twist on the old ‘analytics code’ camouflage used by some skimmers to evade detection.
Read more →

Darknet Myth? Murder-for-hire

2021-06-12 :: Luke
#darknet  #fed honeypot  #random  Darknet Myth? Murder-for-hire
Believe it or not - some people actually think hitmen advertise their services on the darknet…and the media plays into it.
Read more →

WordPress Injection Exfiltrates Admin Login

2021-06-09 :: Luke
#backdoor  #login stealer  #$ccc_url  #wordpress  #PHP  #website malware  WordPress Injection Exfiltrates Admin Login
wp-login.php injection silently exfiltrates a victim’s username and password back to the attacker’s server.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.