The Websense ThreatSeeker Network has detected that the website hxxp://goeast(dot)wagamama(dot)com, associated with Wagamama (a Japanese and sushi restaurant chain), has been compromised and injected with malicious code, also known as a RunForestRun attack. RunForestRun attack exploits vulnerability in Parallels Plesk to obtain user account credentials, then compromised accounts are used to modify JavaScript files. As shown […]
While large blobs of obfuscated JavaScript at the top of the page are easy to spot, malicious JavaScript can often be hard to spot on hijacked sites. Some attackers go to great lengths to make their malicious code invisible to webmasters and security tools alike. In this post, I’ll illustrate some of the places more […]
I have this beautiful website and now there’s all this garbled code across all of my PHP files. What’s it do, and how did it get there?This is a quick post to show you some encoded crud that can attack your site, and do some pretty bad stuff.Encoded Payload – Eval( base64_decode)Generally speaking, we see […]
Latest Comments