Malware

X-Cart Skimmer with DOM-based Obfuscation

Our lead security analyst Liam Smith recently worked on an infected X-Cart website and found two interesting credit card stealers there — one skimmer located server-side, the other client-side. X-Cart’s e-commerce platform is not nearly as popular as Magento or WooCommerce and as a result we don’t see as many threat actors targeting it. While

[ Read More ]

Massive WordPress JavaScript Injection Campaign Redirects to Ads 

Our remediation and research teams regularly find malicious redirects on client sites. These infections automatically redirect site visitors to third-party websites with malicious resources, scam pages, or commercial websites with the intention of generating illegitimate traffic. As outlined in our latest hacked website report, we’ve been tracking a long-lasting campaign responsible for injecting malicious scripts

[ Read More ]