<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">
Author: Naveen Velusamy

“Adicionar Banco Inter ao WooCommerce” WordPress Plugin with Malware

Adicionar-Banco-Inter-ao-WooCommerce-WordPress-Plugin-with-Malware

As part of Imunify360’s proactive malware research activities, we recently identified that a plugin named Adicionar Banco Inter ao WooCommerce from WordPress repository, which can be used to identify malware in web servers, indeed had active malware inside one of the plugin’s source files.

“Malicious Checker” WordPress Plugin with Malware

IMUNIFY360_MALWARE_Websites

As part of Imunify360’s proactive malware research activities, we recently identified that a plugin named Malicious Checker from WordPress repository, which can be used to identify malware in web servers, indeed had active malware inside one of the plugin’s source files.

Analyzing A New WordPress Malware Campaign

wordpress-analysing

 

Web sites running WordPress are like catnip for hackers. Among the millions of WordPress users are many with weak login credentials, which are exploited to launch malware campaigns. 

Many such campaigns have been launched recently, and we at Imunify360 have discovered another one. We first detected it on 13 April, and since then we’ve seen it blocked by Imunify over 300,000 times. In the past month, this campaign has compromised thousands of unprotected WordPress-based web sites. 

Let’s analyze this new WordPress malware campaign to see what makes it dangerous to web sites running WordPress. 

How to stop doorway pages damaging your domain's reputation

doorway pages seo Imunify360

Doorway pages are a great way to improve a website’s SEO ranking.


They’re also a great way to get your domain blocked by major search engines.

So why are they still prevalent? How do they work, and why should you care if your web server hosts them?

That’s what I’ll cover in this article.

Malware Masquerading as a Web Server Image Processor

b2ap3_large_IM-MalwareMasquerading

Your web server's image processor could be malware hiding in plain sight.

I'm going to describe an interesting type of malware the Malware Intelligence Team recently uncovered during a recent research operation.

At the time of writing, there were 11,320 cases of it detected and neutralized on 265 websites across 183 servers.

It is a particularly ingenious and potentially destructive type of malware: it is designed to appear as a legitimate image processor, and can act as a backdoor to your web server.

File System Friend or Foe? - How to Tell if a File is Malicious or Not

b2ap3_large_20190405164234_bad-file

An unlucky upshot of running your own website or online store is that, sooner or later, hackers will add it to their ‘juicy list of prey’. Once in their list, hackers will continuously scan and probe your site for weaknesses, trying to find a way to further their illicit goals.

Subscribe to Imunify security Newsletter