all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Xjquery Wave of WordPress SocGholish Injections

Add to bookmarks
May 9, 2023, 4:54 p.m. | Denis Sinegubko

Sucuri Blog blog.sucuri.net

In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish scripts into compromised WordPress sites. A bit later, we documented minor changes in the way this malware worked.


By the end of March, 2023, we started noticing a new wave of SocGholish injections that used the intermediary xjquery[.]com domain. It appeared to be another evolution of the same malware.


Continue reading Xjquery Wave of WordPress …

ben compromised compromised wordpress sites database encrypted end files hacked websites hackers inject malware march november options scripts socgholish website malware infections website security wordpress wordpress security zipped

Visit resource

More from blog.sucuri.net / Sucuri Blog

WordPress Vulnerability & Patch Roundup April 2024 2 days, 9 hours ago | blog.sucuri.net
april attacks automated awareness +33
What is a Zero-Day Vulnerability? 6 days, 8 hours ago | blog.sucuri.net
best practices can dev dev teams +19
What is Cookie Hijacking 1 week, 1 day ago | blog.sucuri.net
access accounts application attackers +25
JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS 1 week, 6 days ago | blog.sucuri.net
august black hat tactics campaign cloud +30
WordPress Maintenance: Tasks & Best Practices 2 weeks, 1 day ago | blog.sucuri.net
best practices can expertise guide +10
Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker 2 weeks, 6 days ago | blog.sucuri.net
admin amp area attackers +32
Web Shells: Types, Mitigation & Removal 3 weeks, 2 days ago | blog.sucuri.net
access attackers best practices compromised +33
Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS 4 weeks, 1 day ago | blog.sucuri.net
adoption black hat tactics can cms +19
WordPress Vulnerability & Patch Roundup March 2024 1 month ago | blog.sucuri.net
attacks automated awareness best practices +32

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Security Engineer II- Full stack Java with React

@ JPMorgan Chase & Co. | Hyderabad, Telangana, India
View on infosec-jobs.com

Cybersecurity SecOps

@ GFT Technologies | Mexico City, MX, 11850
View on infosec-jobs.com

Senior Information Security Advisor

@ Sun Life | Sun Life Toronto One York
View on infosec-jobs.com

Contract Special Security Officer (CSSO) - Top Secret Clearance

@ SpaceX | Hawthorne, CA
View on infosec-jobs.com

Early Career Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com
View more jobs