Categories
Malware MySQL PHP Security Advisories Technology News Web Applications WordPress

OneTone WordPress Theme Vulnerability

We found many WordPress websites redirecting to malicious URLs and spam domains. After a deep investigation it turned out to be caused by the vulnerable WordPress OneTone theme.

The hack usually takes place in this file: ./wp-content/themes/onetone/includes/theme-functions.php

Beside the above file infection, The Hacker also inject a “eval(atob” malicious javascript malware in WordPress database onetone value within the wp_options table which is responsible for redirecting the website to other suspicious domains such as ischeck[.]xyz

You can check your website security by using this Free website malware scanner

Here is a snippet showing the infection in action as found on an infected website:

[[email protected] ~]$ curl -I https://victim-website[.]net/

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 11 Apr 2020 19:51:16 GMT
Server: Apache
X-Powered-By: PHP/7.2.16
Location: https://ischeck[.]xyz

As you can notice, The Rank Math SEO is causing a redirect to the malicious domain ischeck which is then redirect to checkandgo and overzoruaon spam domains. Some of the malware domains involved with this specific hack incident:

checkandgo[.]info

ischeck[.]xyz

https://overzoruaon[.]com/

Signup and Try our malware removal service and let’s clean & protect your websites by using our Website Firewall Protection!

You can check your website security by using this website malware scanner

https://scan.attacker.net

Website Hacked OR #Blacklisted? Get it Cleaned & Protected Immediately!

https://attacker.net/website-security-plans-pricing

https://attacker.net/website-security

Free Scanner: https://scan.attacker.net

#Security #wordpress #joomla #magento #drupal #hosting #cpanel #linux #websitesecurity #securedwebsite #hacked

Categories
Control Panels cPanel/WHM DirectAdmin Drupal InterWorx ISPConfig Joomla! Linux Magento Malware PHP Plesk Security Advisories Web Applications Windows WordPress Xen

White-label Website Security Solutions for Hosting companies

White-label Website Security Solutions for Hosting companies & Agencies. Scanners, Malware Removal & Firewall.

https://attacker.net/website-security-plans-pricing

https://attacker.net/website-security

Free Scanner: https://scan.attacker.net

For more info, Please contact us at: [email protected]

#Security #wordpress #joomla #magento #drupal #hosting #cpanel #linux #Hacked

Categories
Ethical Hacking Malware PHP Security Advisories Web Applications WordPress

WordPress Rank Math SEO Plugin vulnerability used to inject malware Redirecting to other websites

Recently, We noticed so many infected websites redirecting to malicious URLs and spam domains. After a deep investigation it turned out to be caused by the vulnerable Rank Math SEO WordPress Plugin.

The vulnerable version is 1.0.40.2 so make sure you get it updated to last released version that have this vulnerability patched.

Here is a quick snippet showing the live infection in action as found on an infected website:

[[email protected] ~]$ curl -I https://victim-website[.]com/

HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Keep-Alive: timeout=15
Date: Mon, 28 Mar 2020 13:51:16 GMT
Server: Apache
X-Powered-By: PHP/7.3.16
X-Redirect-By: Rank Math SEO
Location: https://ischeck[.]xyz

As you can notice, The Rank Math SEO is causing a redirect to the malicious domain ischeck which is then redirect to checkandgo and overzoruaon spam domains. Some of the malware domains involved with this specific hack incident:

checkandgo[.]info

ischeck[.]xyz

https://overzoruaon[.]com/

Signup and Try our malware removal service and let’s clean & protect your websites!

You can check your website security by using this website malware scanner

https://scan.attacker.net

Website Hacked OR #Blacklisted? Get it Cleaned & Protected Immediately!


https://attacker.net/website-security-plans-pricing

https://attacker.net/website-security

Free Scanner: https://scan.attacker.net

#Security #wordpress #joomla #magento #drupal #hosting #cpanel #linux #websitesecurity #securedwebsite #hacked

 

 

Categories
CentOS CloudLinux Control Panels cPanel/WHM Debian DirectAdmin Drupal Ethical Hacking InterWorx ISPConfig Joomla! Linux Linux Security Magento Malware MySQL OpenVZ PHP Plesk Proxmox Security Advisories SolusVM Technology News Tutorials Ubuntu Uncategorized Web Applications Webmin WebSitePanel Windows Windows Security WordPress Xen

Website Hacked OR Blacklisted? Get it Cleaned & Protected Immediately! 50% OFF – Attacker.NET

Website Hacked OR #Blacklisted? Get it Cleaned & Protected Immediately! 50% OFF


https://attacker.net/website-security-plans-pricing

https://attacker.net/website-security

Free Scanner: https://scan.attacker.net

#Security #wordpress #joomla #magento #drupal #hosting #cpanel #linux #websitesecurity #securedwebsite #hacked

Categories
CentOS CloudLinux cPanel/WHM DirectAdmin Drupal Ethical Hacking InterWorx ISPConfig Joomla! Linux Linux Security Magento Malware MySQL PHP Plesk Proxmox Security Advisories SolusVM Technology News Web Applications Webmin WebSitePanel WordPress

FREE Trial

You can signup and Try our Website Security Monitoring, Website Firewall Protection, Malware detection and Blacklists Monitoring Services for 30 days – Completely FREE Trial! No obligations, No contract, No credit card required!

Try it Now – It’s FREE:

https://attacker.net/website-security-plans-pricing

Read more at: https://attacker.net/website-security

Categories
CentOS CloudLinux Control Panels cPanel/WHM Debian DirectAdmin Drupal Ethical Hacking InterWorx ISPConfig Joomla! KVM Linux Linux Security Magento Malware MySQL OpenVZ PHP Plesk Proxmox Security Advisories SolusVM Ubuntu Web Applications Webmin WebSitePanel Windows Windows Security WordPress

Attacker.NET 50% End of Year Promotion

Our biggest sale of 2019 is live until Jan 1st 2020! Get 50% off Websites Security plans, Server Management plans, Malware Cleanup & Removals, Website Firewall protection and more.

Our website security solutions include website monitoring, Malware detection, Hack cleanup, Firewall protection and much more!  

https://attacker.net/website-security

https://attacker.net/website-security-plans-pricing

You can check our Free Website Security Scanner: https://scan.attacker.net/

Our Server Management plans are available for Linux & Windows servers.

https://attacker.net/linux-server-management

https://attacker.net/windows-server-management

You can also check out our Outsourced Hosting Support services for white-labeled Hosting support.

https://attacker.net/outsourced-support

Don’t miss checking out our Partnership & Affiliation offers at https://attacker.net/affiliate

Please use this promotion code to claim your discount: welcome2020

Kind regards,

Attacker.NET Team

Categories
Malware PHP Security Advisories Web Applications WordPress

Delucks SEO plugin Vulnerability – JS injection Redirecting to other websites


Any versions below 2.1.7 is vulnerable to this security issue and websites using older versions are likely hacked.

Hackers are exploiting it and injecting their malicious javascripts into files and database mainly in the dpc_basic_metadata rows under the wp_options table.

The injected JavaScript code is loading the following remote JS files:


https://adsnet[.]work/scripts/place.js

https://media-sapiens[.]com/pu-placer.js

to cause redirects to other malicious websites such as:

double-clickd[.]com

belaterbewasthere[.]com

redrelaxfollow[.]com

greenrelaxfollow[.]com

And many others.

Signup and Try our malware removal service and let’s clean & protect your websites! Protect your website using our Website Firewall NOW!

You can check your website securityby using this website malware scanner

https://scan.attacker.net

 

 

 



Categories
Drupal Joomla! Linux Magento Malware PHP Security Advisories Web Applications WordPress

Do you value your Business at ZERO?

Your business value is linked to your security strategy. If you don’t have your own plans then YOU value your data at ZERO.

DO NOT Risk losing it!


Start now, Website Security & Hack Cleaning service + FREE Website Firewall + FREE SSL + 50% OFF


https://attacker.net/website-security
https://attacker.net/website-security-plans-pricing

You can check your website security by using this free website malware scanner https://scan.attacker.net

Categories
PHP Security Advisories Web Applications WordPress

WordPress WP Live Chat Plugin is massively exploited in the wild and redirects to other spam websites

Any versions below 8.0.27 is vulnerable to this security issue and websites using older versions are likely hacked.

Hackers are exploiting it and injecting their malicious javascripts into files and database mainly in the “siteurl” and “home” rows in your wp_options table to cause redirects to other malicious websites such as:

letsmakesomechoice[.]com
garrygudini[.]com
blackawardago[.]com
detectnewfavorite[.]com
traveltogandi[.]com
funnwebs[.]com
destinylocation[.]info
leftoutsidemyprofile[.]info
yourservice[.]live
letstakemetoad[.]com

And many others.

Signup and Try our malware removal service and let’s clean & protect your websites!

You can check your website securityby using this website malware scanner

https://scan.attacker.net

Categories
PHP Security Advisories Web Applications WordPress

WordPress Blog Designer plugin vulnerability Redirecting to Malicious websites


Any versions below 1.8.10 is vulnerable to this security issue and websites using older versions are likely hacked.

Hackers are exploiting it and injecting their malicious javascripts into files and database mainly in the “siteurl” and “home” rows in your wp_options table to cause redirects to other malicious websites such as:

letsmakesomechoice[.]com
garrygudini[.]com
blackawardago[.]com
detectnewfavorite[.]com
funnwebs[.]com
destinylocation[.]info
leftoutsidemyprofile[.]info
yourservice[.]live
letstakemetoad[.]com

And many others.

Signup and Try our malware removal service and let’s clean & protect your websites!

You can check your website securityby using this website malware scanner

https://scan.attacker.net