Category Archives WordPress Security

Cryptomining Hack Websites

What is Crypto Mining Malware (CoinHive Javascript)? How are you affected? CoinHive is an online service which provides cryptocurrency miners (crypto mining malware) that can be installed on websites using JavaScript. The JavaScript miner runs in the browser of the website visitors and mines coins on the Monero blockchain. It is promoted as an alternative to placing advertising on the website.…

WordPress Code Injection

Wordpress sites have always been targets for internet fraudsters owing to its large user base and a wide range of functionalities. Using vulnerable Plugins, not timely updating to the latest versions, not applying patches regularly, and carelessness in security measures are the major reasons for a large number of attacks on Wordpress Sites. Unfinished Wordpress installations have rendered the world's…

How Does the WordPress DoS Exploit Work?

Wordpress, one of the most popular content management systems in the world is rendered vulnerable to yet another vulnerability capable of bringing down an entire WordPress powered system. Statistically powering nearly 29% of the web, an unattended Wordpress vulnerability breeds serious consequences for businesses and websites. The Wordpress DoS Vulnerability The vulnerability (CVE-2018-6389) was discovered by Israeli researcher Barak Tawily. According to Tawily, the flaw…

How to fix WordPress admin dashboard (wp-admin) hack

One of the worst feelings you can experience as a website owner is finding out that your website has been hacked. If proactive security measures are not taken - a hacker may be able to launch Pharma attacks, Phishing pages, Japanese SEO spam, Redirection Malware etc. through WordPress Admin panel hack. A new type of wp-admin hack has surfaced which adds an…

Securing-website-from-malware-Astra-Security-WordPress-OpenCart-Magento-Malware-Removal.png

Malware attacks are bad! They bring your business to a stand still and cause a loss money, reputation and even customers. Usually business owners only start caring about malware after they get infected with it. As they say everyone feels secure until they get hacked, and they haven't got hacked until now because a hacker didn't try. Once infected, it…

Wordpress, Drupal, and Joomla together occupy the maximum market share in Content Management Systems (CMS) used to develop websites. These CMSs provide the building blocks for a large part of the internet and attract a horde of hackers. They are a prime target for malicious attacks mostly involving data theft, transaction fraud or SEO spamming. Also, check our blog post on…

Removing Pub2srv malware from Opencart & WordPress

We’ve been watching a specific malware infection targeting OpenCart & WordPress websites for several months. It's commonly referred to as the pub2srv malware infection which redirects your website visitors to other malicious domains like go.pub2srv[.]com go.mobisla[.]com go.oclaserver[.com] deloton.com/afu.php?zoneid= site Dolohen.com Also, Google will suspend your Ads under Malicious links on your website. Few of them are https://defpush.com/ntfc.php?p=1565632 https://deloplen.com/apu.php?zoneid=1558096 https://go.mobisla.com/notice.php?p=1558098&interactive=1&pushup=1 https://mobpushup.com/notice.php?p=1558098&interactive=1&pushup=1 https://wowreality.info/page.js?wm=gr…

Wordpress, the juggernaut CMS powering more than 1 billion websites, most notable ones being Techcrunch, The New Yorker, Sony, and MTV among many other, is not devoid of vulnerabilities when it comes to website security. Recently, one of its most popular plugins, WP Statistics, was deemed as flawed, rendering nearly 300,000 websites open to exploitation by attackers online. The plugin WP Statistics has…

Close