https://blog.polaris64.net/tags/analysis/ Recent content in Analysis on Polaris64's blog Hugo en-uk Mon, 24 Aug 2020 12:34:40 +0100 https://blog.polaris64.net/post/wordpress-hacks-jquery-js-script-injection/ Mon, 06 Mar 2017 22:04:00 +0000 https://blog.polaris64.net/post/wordpress-hacks-jquery-js-script-injection/ Introduction In the second of my series of articles about different exploits seen for WordPress sites, I discuss a particular attack that causes all pages on an infected site to redirect to a page of the attacker’s choice, which in this case was an affiliate link. This attack involves adding malicious code to jQuery .js files based on the assumption that jQuery is probably going to be included in every page request. https://blog.polaris64.net/post/wordpress-hacks-functions-php-backdoors/ Fri, 03 Mar 2017 22:03:00 +0000 https://blog.polaris64.net/post/wordpress-hacks-functions-php-backdoors/ Introduction I recently noticed that a number of our client sites had some suspicious code added to the top of the functions.php file for each of the installed themes. This is an investigation into this code and details of how to remove it. I am making this information available in the hope that it will be a useful resource for anybody that suffers this attack on their own WordPress sites. I strongly believe that by making this information public I can help others to combat these types of attacks.