Affiliate Cookie Stuffing in iFrames

Inline frames (iFrames) are an easy way to embed content from another site onto your own. This element allows you to insert another document inside an HTML page and can be really useful for embedding interactive applications like Google maps, advertise…

from Affiliate Cookie Stuffing in iFrames

Advertisements

Website Malware: Unwanted Exit to YourBrexit

Website Malware: Unwanted Exit to YourBrexit

Some website hacks aim to make some political statements. Defacements are well known for this. Some infections redirect visitors to scam sites that push (usually counterfeit) goods or (often illegal) services. But what would you feel if your site redirected visitors to a political news site?

This time we are talking about an attack that mainly targets UK sites and has redirected over 2 million (mostly UK) visitors to YourBrexit[.]net – a site that publishes politically-charged commentary about Brexit.

Continue reading Website Malware: Unwanted Exit to YourBrexit at Sucuri Blog.

from Website Malware: Unwanted Exit to YourBrexit

WordPress Security – Unwanted Redirects via Infected JavaScript Files

WordPress Security – Unwanted Redirects via Infected JavaScript Files

We’ve been watching a specific WordPress infection for several months and would like to share details about it.

The attacks inject malicious JavaScript code into almost every .js file it can find. Previous versions of this malware injected only jquery.js files, but now we remove this code from hundreds of infected files. Due to a bug in the injector code, it also infects files whose extensions contain “.js” (such as .js.php or .json).

Continue reading WordPress Security – Unwanted Redirects via Infected JavaScript Files at Sucuri Blog.

from WordPress Security – Unwanted Redirects via Infected JavaScript Files

Learning From Buggy WordPress Wp-login Malware

Learning From Buggy WordPress Wp-login Malware

When a site gets hacked, the attack doesn’t end with the malicious payload or spam content. Hackers know that most website administrators will clean up the infection and look no further. Many go on to patch vulnerable software, change their passwords, and perform other post-hack steps. All of this is good, but hackers who follow through the sustainment phase of the attack also leave behind ways to easily reinfect the site.

After breaking into a website, hackers want to make sure they still have access if the original security hole is closed.

Continue reading Learning From Buggy WordPress Wp-login Malware at Sucuri Blog.

from Learning From Buggy WordPress Wp-login Malware