Online shopping has seen a dramatic increase in the months following the Covid-19 outbreak as more and more people opt-out of visiting physical stores. Such a phenomenon does not go unnoticed or without additional consequences. During the same time period, we have seen an increase in the usual scams but also digital skimming, the online equivalent of credit

Last year, we released a post about a malware injector found in an Adobe Flash (.SWF) file. In that post, we showed how a .SWF file is used to inject an invisible, malicious iFrame. It appears that the author of that Flash malware continued with this method of infection. Now we are seeing more varieties infecting both WordPress and Joomla websites. Though it

Last year, we released a post about a malware injector found in an Adobe Flash (.SWF) file. In that post, we showed how a .SWF file is used to inject an invisible, malicious iFrame. It appears that the author of that Flash malware continued with this method of infection. Now we are seeing more varieties infecting both WordPress and Joomla websites. Though it

Pharming attacks are generally network-based intrusions where the ultimate goal is to redirect a victim’s web traffic to a hacker-controlled webserver, generally through a malicious modification of DNS settings.Some of these attacks, however, are starting to move to the web and have their beginnings with a spam or phishing email.Researchers at Kaspersk

One of the widely used technique by cyber criminal to promote thier malwares is by compromising a popular website that have a large number of visitor and host a malicious code on the webpage to make it infecting users. this is not good for the company reputation and will make the botnet circulate further.New case have been reported today by Symantec securit

On October 27, while tracking exploit kits (EKs) and infected domains, Symantec discovered that the popular music news and reviews website spin.com was redirecting visitors to the Rig exploit kit. This exploit kit was discovered earlier this year and is known to be the successor of another once popular EK, Redkit. The Rig EK takes advantage of vu

Security Experts at FireEye discovered a new malicious campaign which is targeting Chinese organizations with iFrame traffic redirection to serve RAT. Security experts at FireEye observed a new malicious campaign that is targeting non-profit organizations and non-governmental organizations by compromising legitimate website. T

The website for one of Brazil’s biggest newspapers has been compromised with malware that tries to change the victim’s router DNS settings.Web security company Securi published a report yesterday that Politica Estadao’s website was loading iFrames that carried out a brute-force attack against the victim’s home router’s admin credentials. A similar styl

Earlier this week, Sucuri wrote about auto generated iframes in hacked WordPress blogs. The malicious PHP code fetched the iframe URLs from a remote server (hxxp://82 .200 .204 .151/config.inc.php) on-the-fly every time someone loaded infected web pages. This trick helped regularly update the malicious URLs without having to change the code on each hacked si