all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

New SocGholish Malware Variant Uses Zip Compression & Evasive Techniques

Add to bookmarks
Nov. 15, 2022, 8:12 p.m. | Ben Martin

Sucuri Blog blog.sucuri.net

Readers of this blog should already be familiar with SocGholish: a widespread, years-long malware campaign aimed at pushing fake browser updates to unsuspecting web users.


Once installed, fake browser updates infect the victim’s computer with various types of malware including remote access trojans (RATs). SocGholish malware is often the first step in severe targeted ransomware attacks against corporations and other organizations.



Since the beginning of 2022, SiteCheck has detected different variations of SocGholish malware over 54,000 times.


Continue reading New …

black hat tactics compression hacked websites malware socgholish techniques website backdoor website malware infections website security wordpress plugins and themes wordpress security zip

Visit resource

More from blog.sucuri.net / Sucuri Blog

What is a Zero-Day Vulnerability? 17 hours ago | blog.sucuri.net
best practices can dev dev teams +19
What is Cookie Hijacking 2 days, 19 hours ago | blog.sucuri.net
access accounts application attackers +25
JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS 1 week ago | blog.sucuri.net
august black hat tactics campaign cloud +30
WordPress Maintenance: Tasks & Best Practices 1 week, 2 days ago | blog.sucuri.net
best practices can expertise guide +10
Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker 2 weeks ago | blog.sucuri.net
admin amp area attackers +32
Web Shells: Types, Mitigation & Removal 2 weeks, 3 days ago | blog.sucuri.net
access attackers best practices compromised +33
Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS 3 weeks, 2 days ago | blog.sucuri.net
adoption black hat tactics can cms +19
WordPress Vulnerability & Patch Roundup March 2024 1 month ago | blog.sucuri.net
attacks automated awareness best practices +32
Sign1 Malware: Analysis, Campaign History & Indicators of Compromise 1 month ago | blog.sucuri.net
analysis campaign clear client +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

IT Security Manager

@ Teltonika | Vilnius/Kaunas, VL, LT
View on infosec-jobs.com

Security Officer - Part Time - Harrah's Gulf Coast

@ Caesars Entertainment | Biloxi, MS, United States
View on infosec-jobs.com

DevSecOps Full-stack Developer

@ Peraton | Fort Gordon, GA, United States
View on infosec-jobs.com

Cybersecurity Cooperation Lead

@ Peraton | Stuttgart, AE, United States
View on infosec-jobs.com

Cybersecurity Engineer - Malware & Forensics

@ ManTech | 201DU - Customer Site,Herndon, VA
View on infosec-jobs.com
View more jobs