Infected Websites: How bad can it be? Here are the top reasons for having a website: Information Dissemination Personal Biography Marketing your business Online shopping Let's have a look at sample scenario: Your new and shiny website is ready and goes online to serve your goals. You are enjoying every activity involved in building up your online presence like sharing information, marketing your business, serving your online shoppers and much more.

Read more →

Deobfuscation made easy with MalwareDecoder.com Battling malware has been a very competitive and very fulfilling task nowadays. It brings joy and confidence to each Malware Analyst that can discover or unravel the code being used for an attack or infection. We at Quttera, were able to help other Malware Analysts with their tasks by providing tools for them to be used in their analysis. We have tested it with one of the suspicious files that we got on one of our clean ups.

Read more →

Malicious ads and website reputation Malvertising is one of the most profitable businesses in the cyber hacking industry. Exploiting website inventory is highly beneficial for cyber criminals as it is then sold to redirect traffic to gambling, adult, pharma and similar kinds of websites. Needless to say, that its damage to both publishing websites and advertising network reputation is huge. Ideally, Web Admins are the ones responsible for checking the Ads that their site is showing.

Read more →

Website Defacement is just a click of a button In the past few months, Quttera malware researchers encounter a significant rise in website defacements by hackers. Government websites, among the others, were under such cyber-attack and thus getting a lot of attention and concern from the public. Interesting fact that, in some cases, hacker groups used defacement as their "cyber branding". The number of such sites being defaced is then used as a global ranking of a responsible hacker group.

Read more →

Security tools serving good and bad This is a python script used by Cyber Security Analysts to check for vulnerabilities in website . Like any other network security tool, it is being utilized by many, meaning it was also being utilized by the bad guys a.k.a "hackers". While we were browsing the dark web, we stumbled upon a hacking forum where you need to take an exam before you could join their group.

Read more →

RedKit Malware Still Alive RedKit Malware RedKit malware as detected by Online Malware Scanner Background Back in 2013, we posted about RedKit infecting significant number of websites. It appears that, three years later, the statistics of the websites submitted to online malware scanner show the revive of this malware among infected websites. Malicious action Malicious iframes are often used to distribute malware hosted on external web resources(websites). Malware entry The URL in src of the iframe hosts another ~15 similar HTML pages (mzcf.html) leading to drive-by-download attack.

Read more →

Traffic Distribution System (TDS) On Infected WebsitesThis malware technique is widely used to monitor and redirect traffic from compromised website to malicious content or paid referrals. In past, we highlighted similar cases in our blog: Blacklisted website used to drive traffic to ‘penny stock website’ Malicious TDS flow Malicious Traffic Distribution System diagram BackgroundThreatSign! client received complaint from his customer that his website got blocked when accessed from Google Chrome. Malware detailsUpon internal malware scan the infection was identified inside WordPress theme.

Read more →

FilesMan Backdoor Malware On Your Computer FilesMan is being abused in the wild What is FilesMan? It is a File Manager used to explore the files in a computer. It is the most basic malware tool that attackers upload to your website as a form of backdoor to browse your files. Some of these File Managers are sophisticated and has their own GUI (Graphical User Interface), some are capable of uploading and downloading files from your website as if the attackers were in front of your computer browsing it personally.

Read more →

What is Cross Site Scripting (XSS)? May 26th 2016 jetpack disclosed a XSS vulnerability discovered in their popular plugin. We would to take this opportunity and describe what is XSS. Cross Site Scripting or XSS attack refers to injection of the malicious code or malicious payload into pages of legitimate website. Further, when these compromised pages are visited by website users, the injected malicious code (or payload) is executed by client-side application (visitor's web browser) and performs the actual malicious action such as: redirecting visitor to another website, download and installation of malicious code, showing adult ads and etc...

Read more →

Obfuscated malicious JavaScript code generated hidden iframe to drive traffic to customer website Background Online Website Malware Scanner has identified malicious JavaScript code injection in the scanned website. Usually, such malicious obfuscated JavaScript code is used to build malicious iframe invisible to the website user and which downloads content from remote malware distributor. This website is located in Ukraine and it is used by Traffic Direction System (TDS) managed by malicious domain revmihyr[.]ru as referrer to 'penny stock' website.

Read more →

Malware clean-up and hacking recovery for websites

Get your website cleaned and removed from blacklists. Prevent traffic loss and protect your visitors now.

economy

119$

/yr

1 domain
Blacklisting removal
Malware clean-up
Daily malware scanning
Malware scan reports by email
Re-scan anytime
Create Account
professional

399$

/yr

5 domains
Blacklisting removal
Malware clean-up
Daily malware scanning
Malware scan reports by email
Re-scan anytime
Create Account

more plans

Need help? contactus@quttera.com

Newsletter

What's in newsletter?

Example newsletter



© 2016 Quttera Ltd. All rights reserved.