Category: Malware Page 3 of 6

Turkish SEO spam

Analysis Of An SEO Spam Campaign

Search engine spam, more frequently known as SEO spam, is a technique used to manipulate rankings in a way that is not allowed by search engine terms of service.

This week we’ll take a look at an interesting SEO spam campaign that recently came across the SiteLock research desk. Turkish escorts are apparently big business and we had the opportunity to dig a bit into the makings of a malicious Turkish escort spam campaign.

Read More

types of malware

Exploring the Different Types of Malware [Infographic]

Malware, short for malicious software, is typically installed on a website by cybercriminals. Malware is a broad term that refers to a variety of malicious programs. It can spread viruses, steal personal or financial data and even hijack computers. Read our infographic to learn about the different types of malware.

Read More

malware removal

How To Remove Malware From Your Website

When you think of websites being infected with malware, what types of sites come to mind? Pharmaceutical sites, porn sites or sites that bombard you with pop-up ads? While these sites could very well be malicious, you’re actually more likely to run into malware while visiting one of your typical, everyday e-commerce or news sites. Today, 75 percent of legitimate websites are at risk of malware. Malware, also known as malicious software, is designed to harm a website and its visitors.

Read More

Internet bots can be good or bad

Bots – The Good, The Bad and The Even Worse

Bots represent over 60 percent of all website traffic. This means that the majority of your website traffic could be coming from Internet bots, rather than humans. A bot is a software application that runs automated tasks over the Internet. Bots can be put into two categories, “good” and “bad.” Good bots visit websites to perform jobs, like search engine crawling, website health monitoring and website vulnerability scanning. Bad bots perform malicious tasks such as, DDoS attacks, website scraping and comment spam.

Read More

malware email addresses

Malware 101: Introduction to Exploits

Over the past couple of years, it has become apparent that similar to home and office computers needing anti-virus software and a firewall to keep them protected, individual websites have become a prime target for hackers, and they too require some form of protection. As it becomes a more lucrative racket for hackers worldwide, it’s more important than ever to understand what malware, or malicious software, is, and how it has increasingly become a problem for websites of all sizes. Before we talk about how a website can be protected from malware, let’s first cover some common purposes of malware, how it generally works and what it means for a website after it’s infected.

Read More

Google blacklist

Google Should Not Be Your Alarm System: Preventing Blacklisted Websites

According to a recent report from Google, nearly all website owners rely solely on Google’s Safe Browsing program to alert them when their site has been hacked. The report concludes that only 6% of webmasters discovered an infection via proactive monitoring for suspicious activity. That’s alarming. 

Read More

Tax refund

Learn How to Protect Your Tax Refund from Hackers

Filing for your taxes can be a nuisance, but the refund you receive is well worth the effort, especially if you have big plans for your tax credit. But how would you feel if your refund check was stolen?

Read More

Defaced by AnonGhost

Don’t Panic: Website Defacements from 2015

Bad actors have attacked websites since the beginning of the internet. They have many reasons for taking over websites — money, infamy, politics, curiosity — though nothing grabs attention more than the visual defacement of a site. Website defacement occurs when a bad actor gains access to the site files, and replaces the index or home page with their own page.  We’ve seen many of these over the last year, but what are the real consequences for the sites that are defaced? We’ll discuss the effects of a defacement on a website, and the reasons why they happen.  We will also outline what you should know about defacements and how to secure your site against them.

What Is A Website Defacement?

AnonGhost website defacement

Read More

malware email addresses

Looking at 1,000 Malware Email Addresses

Why Email Addresses?

When the SiteLock support teams clean malware from websites, it’s not unusual to find email addresses somewhere in the injected code.  So the research team decided to dig into some of those  malware email addresses to see what we could learn.

With the help of the SECCON (security concierge) and Expert Services teams, we gathered over 1,000 email addresses in short order. We hoped to see potential patterns such as highly used email providers and learn how the addresses were used, with the added benefit of providing a list of strings to detect malware.

Where Malware Email Addresses Can Be Found

The list of 1,012 email addresses consists mostly of phishing repositories, with some shell install and login notifications, ego addresses, and a few spoofed “From” addresses from phishing files. The full list of malware email addresses is found at WSTNPHX’s GitHub page.

Read More

Injected JavaScript

JavaScript Malware Injected Into WordPress Themes

The SiteLock support teams are always encountering new types of malware.  This week we’ll discuss a recent infection of WordPress theme files, header files specifically, brought to our attention by SiteLock’s Security Concierge, or SECCON, Team.

Where Was This New Malware Discovered?

SECCON notified the research team of what seemed to be a new JavaScript infection found in WordPress theme header.php files, like wp-content/themes/twentyfifteen/header.php. The infection consists of two lines of identical JavaScript injected into the header file, targeting the closing tag.

 

Sample malware infection

Sample Infection

Read More

Page 3 of 6

Powered by WordPress & Theme by Anders Norén