Category: Security
-
How to Deal with the Latest WordPress Outbreak?
Malicious hackers are finding new ways to compromise legitimate, benign websites with web malware. The goal of this post is to highlight a long running saga of a specific kind of malware injection, which we’re calling the “rr.nu/mm.php” variety. This specific variety of malware has very poor detection rates when Anti Virus programs are used [...]
-
What is Malware? And How is Web-Malware Different?
The word malware has been used often in recent times. However, what does malware actually mean? There is a lot of confusion among Internet users and others about what malware really is and what a piece of computer software branded as malware really does? In this short article, we will explain what malware is and [...]
-
Experts Explain: WordPress Security
This is the sixth part in our series of posts here at StopTheHacker where we describe the various methods that malicious hackers use to infect benign and legitimate websites with web-malware. In this article we will talk about WordPress security. WordPress is arguably the most popular content management system (CMS) on the Internet today. Malicious [...]
-
Experts Explain: .htaccess Attacks
This is the fifth part in our series of posts here at StopTheHacker where we describe the various methods that malicious hackers use to infect benign and legitimate websites with web-malware. In this article we will talk about a very popular attack method used to infect legitimate websites: .htaccess redirection. This technique is used by [...]
-
Experts Explain: Hidden Backdoors
This is the fourth part in a series of posts here at StopTheHacker where we describe the various methods that malicious hackers use to infect benign and legitimate websites with web-malware. In this article we will discuss one of the most common attack methods used to infect benign websites: Hidden backdoor shells. This particular compromise [...]
-
Experts Explain: Cross Site Scripting
This is the second part in a series of posts here at StopTheHacker where we describe the various methods that malicious hackers use to infect benign and legitimate websites with web-malware. This time, we will discuss one of the most prolific techniques used to compromise millions of websites: Cross Site Scripting. Cross Site Scripting attacks [...]
-
Experts Explain: SQL Injection
Website security is an arms race. Malicious hackers modify their methods constantly to infect benign and legitimate websites with web-malware. One of the most common techniques used to compromise millions of websites is called SQL Injection. SQL injection attacks have been making headlines increasingly in the past few months. This highlights the sorry state of [...]
-
Chickenkiller Infections
Malicious hackers are continuously evolving the strategies they use to infect thousands of innocent and benign websites with malicious computer code, i.e. web malware. Web malware is a relatively recent phenomenon and is quite different from the “standard” viruses and trojans that are known to infect PCs and servers. How do I identify the malicious [...]
-
RokBox.js Infections
Today’s websites make use of many third party plugins to add new functionality with the least amount of effort. The inclusion of these third party plugins brings significant additional risk, namely the introduction of vulnerabilities to one’s website through vulnerabilities in the plugin itself. A prime example of this is the Timthumb malware outbreak that [...]
-
DragosImport, Domboware Attacks
In the recent weeks, two websites have been used increasingly to mount attacks on unsuspecting visitors of legitimate, benign, sites compromised by malicious hackers. We will discuss the details of these distribution sites in our post. Is my site infected? First, to determine if your site has been compromised by the infections mentioned here, search [...]
