❌

Reading view

What is online gambling spam and what can I do about it?

What is online gambling spam and what can I do about it?

Online gambling spam thrives on dreams of easy money and high stakes. Beating the house at an exotic casino. Splitting sevens. Going all in on the flop. A baccarat dealer calling La grande! For most people, though, the reality falls far short of Monte Carlo and an Aston Martin.

So they turn to online gambling. And bad actors harness that allure to create their scams. They think they’re buying credits at a hot new online casino.

Continue reading What is online gambling spam and what can I do about it? at Sucuri Blog.

  •  

My Website Is Hosting a Phishing Page – Now What?

My Website Is Hosting a Phishing Page – Now What?

Most phishing advice is written for the person staring at a suspicious email. This guide is for the other kind of victim: The website owner whose legitimate site has been quietly turned into the attacker’s weapon.

You didn’t send the message or build the fake login page. You just woke up to a browser warning, a suspended hosting account, or a polite note from someone’s security team asking why your domain is requesting Apple ID credentials.

Continue reading My Website Is Hosting a Phishing Page – Now What? at Sucuri Blog.

  •  

Joomla SEO Spam Injector: Obfuscated PHP Backdoor Hijacking Site Visitors

Joomla SEO Spam Injector: Obfuscated PHP Backdoor Hijacking Site Visitors

Overview

During a recent malware cleanup investigation, we encountered a compromised Joomla website where the site owner reported a strange issue. Their website displayed a large number of suspicious product links that had nothing to do with their business. These products were not added by the website owner and did not exist in their catalog.

Visitors and search engines were seeing pages that promoted unrelated products, raising immediate concerns about spam injection or remote content manipulation.

Continue reading Joomla SEO Spam Injector: Obfuscated PHP Backdoor Hijacking Site Visitors at Sucuri Blog.

  •  

WordPress Auto-Login Backdoor Disguised as JavaScript Data File

WordPress Auto-Login Backdoor Disguised as JavaScript Data File

During a recent investigation, we discovered a sophisticated WordPress backdoor hidden in what appears to be a JavaScript data file. This malware automatically logs attackers into administrator accounts without requiring any credentials.

In September, we published an article showcasing another WordPress backdoor that creates admin accounts. This new variant takes a different approach by hijacking existing administrator sessions instead of creating new accounts, making it harder to detect through user audits.

What turned up during our review

The file was disguised as a JavaScript asset in a PHP file located in the WordPress admin wp-admin/js directory, but it was really all PHP.

Continue reading WordPress Auto-Login Backdoor Disguised as JavaScript Data File at Sucuri Blog.

  •  
❌