Get a Pentest and security assessment of your IT network.

News

Spam Injector Disguised as License Key in WordPress Website

A client opened a malware removal ticket reporting some weird spam URLs injected onto their WordPress website. After further investigation into the files in the website, Sucuri discovered a hidden encoded spam injector malware in the following theme file:. The attacker formatted the encoded injector to look like a themes license key in order to distract the eyes of a less-trained security analyst from suspecting this to be malicious code. The attacker also hardly used any encoding to ensure it was well hidden.”]

Source: https://blog.sucuri.net/2019/01/spam-injector-disguised-as-license-key-in-wordpress.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2