Last Updated on 07/14/2023 by OTC
During a recent investigation, our malware remediation team encountered a variant of a common malware injection that has been active since at least 2017. The malware was found hijacking the website’s traffic, redirecting visitors via a parked third-party domain to generate ad revenue.
In most cases, the injection typically looks something like this:
While the variable names used for the injection will vary from site to site, the end result is the same: the injection loads a script from a third-party server, which can pose significant security risks to website traffic when controlled by one or more bad actors.