A sophisticated JavaScript-based credit card skimmer/stealer has been discovered on a compromised WooCommerce-powered WordPress e-commerce website. The malware leverages obfuscation, external payload delivery, and advanced...
WordPress Redirect Malware: Latest JavaScript Injection Attack
This malicious script was found within core JavaScript and Theme files and is designed to stealthily redirect specific users, primarily Windows users on modern browsers...
Fake Captcha on WordPress Leads to Windows Malware
A suspicious JavaScript snippet was found on a compromised WordPress website. This code appears to mimic a CAPTCHA or verification process but ultimately displays a...
Credit Card Skimmer Masquerading as FB Pixel on WooCommerce
A malicious JavaScript block masquerading as a Facebook Pixel was found on a WordPress website that's using WooCommerce to sell and accept credit card payments...
New XYZ Malware Campaign Targeting WordPress Websites
The iogamesl[.]xyz & wp3[.]xyz malware campaign goal is to exploit the WordPress admin panel and create a rogue administrative user, Install Fake plugins to maintain...
Credit Card Skimmers Can Steal & Ruin Your Holidays Cheer!
We will analyze a sample malicious JavaScript code found by a MoeSec Security Analyst, decode it, and explain its purpose. Furthermore, we will outline the...
Analysis of a New Balada Malware found on WordPress Websites
The Balada Injector is a well-known family of malware that primarily targets WordPress sites. It mass-injects malicious JavaScript into websites, often taking advantage of vulnerabilities...
Analysis of a newly found Malicious JavaScript on WordPress Sites
The MoeSec security team recently discovered a piece of malicious JavaScript on a WordPress website. This script was injected using the Simple Custom CSS and...
Credit Card Skimmer Targets Sites using Magento, WooCommerce and OpenCart
This article analyzes a specific skimmer affecting Magento, WooCommerce, and OpenCart based websites, deciphers its malicious code, discusses how it operates, and provides steps for...
New SocGholish Malware Found on WordPress Websites
New wave of SocGholish JavaScript malware injection Found on many WordPress Websites loading malicious code from MEMORYLOADER[.]COM