top of page
ALL POSTS
WordPress Malware Hides C2 Instructions in Steam Profile Comments
Key Findings New malware campaign discovered on approximately 1,980 WordPress sites using Steam Community profile comments to store encoded command-and-control instructions Malware uses invisible Unicode characters hidden within visible Steam profile comments to deliver payloads, making detection difficult Infected sites load external malicious JavaScript and contain a server-side backdoor capable of modifying PHP files for persistent access Campaign first detected in July 20
Jun 23 min read
JS#SMUGGLER Campaign Exploits Compromised Websites to Distribute NetSupport RAT
Key Findings Securonix researchers discovered a new malware campaign dubbed JS#SMUGGLER that delivers the powerful NetSupport RAT through compromised websites. The attack is designed in three stages to evade detection, starting with an obfuscated JavaScript loader, followed by a hidden HTML Application (HTA) and a final PowerShell payload that downloads and executes the NetSupport RAT. The multi-layered tactics, including encryption, compression, and in-memory execution, indi
Dec 8, 20252 min read
bottom of page
