
Sucuri Security News

GitHub Hosts Infostealers Part 2: Cryptominers and Credit Card Stealers

A few days ago, we reported that hacked Magento sites had been pushing infostealing malware under the disguise of Flash player updates. In this post, we’ll reveal how this recent attack is related to an extremely hot topic – cryptocurrencies and cryptomining. Infostealer Analysis: The malware binary files we found were packed with Themida, so the file analyses didn’t provide ...


GitHub Hosts Lokibot Infostealer

A few months ago, we reported on how cybercriminals were using GitHub to load a variety of cryptominers on hacked websites. We have now discovered that this same approach is being used to push binary “info stealing” malware to Windows computers. Infected Magento Sites: Recently, we identified hundreds of infected Magento sites with the following injected script: https://bit.wo[.]tc/js/lib/js.js The contents of ...


Steps to Keep Your Site Clean: Access Points

Unfortunately, most website owners know what it’s like to have a site hacked – the panic, the rush to find anyone out there that can help, and the worry it causes. Maybe you were able to get your site back on track or had a company clean the site for you, but the important thing is that your site is ...


Mail from the ‘Boss’ – A Classic Example of a $_POST Mailer Stealing CC Data

We often find mailer scripts while cleaning malicious code from websites. Some of them are easily discovered, while others are obfuscated or heavily encoded. These “mailers” allow bad actors to send unwanted emails from your domain, and can be triggered through the misuse of a vulnerable extension or leftover backdoor malware scripts. The $_POST Mail Came from the “Boss”: During ...


Intro to Securing an Online Store – Part 2

Last year, we introduced the theme of Securing an Online Store. We talked about how to identify the potential risks and what to look out for. These principles can help in satisfying PCI DSS requirements 8 & 10: Requirement 8 – Identify and authenticate access to system components. Requirement 10 – Track and monitor all access to network resources and cardholder data. ...


The Impacts of Zero-Day Attacks

Last week, we explained what zero-day vulnerabilities and attacks are. Essentially, zero-day vulnerabilities exist in the wild, with no patch available to prevent hackers from exploiting them. Today, we would like to expand on the impacts of these attacks. What Do Zero-Day Attacks Depend On? The impact a zero-day attack can have on your online presence can vary. Some of ...


New Guide on How to Clean a Hacked Website

Our mission at Sucuri is to make the internet a safer place and that entails cleaning up hacked websites. We have teams who actively research website vulnerabilities and who are eager to share with you some tips on how to clean your hacked website. We are happy to help the community learn the steps they can follow to get rid ...


Understanding Zero-Day Vulnerabilities & Attacks

In computer science, a vulnerability is considered to be a zero-day vulnerability if it’s unknown to all parties interested in patching it, such as: the team maintaining the project; the users of the project; vulnerability researchers. Vulnerability researchers are the good guys – people who won’t take advantage of the vulnerability for their own gain and who will exercise responsible ...
