Aug13
0

Website Malware: Mobile Redirect to BaDoink Porn App Evolving

Joomla, Online Security, web design, WordPress Share this post

Recently, we wrote about a malware redirection on this blog where the malware was causing compromised sites to redirect their visitors to pornographic content (specifically, the BaDoink app). You can read more about what we found by going to our previous blog post.

As described in the original post, some particular files were infected (examples were the index.php, wp-config.php and others). We thought that was enough malware for one app. However, while we were working on an infected site today, we found a new malware injection causing this redirection.

Since all of the sites web files were clean and we didn’t find any suspicious Apache modules or binaries, it took a while for us to figure the problem out. However, it became much more clear once we investigated the PHP binary and found some suspicious entries.

Read more here or call us for a free assessment of your website’s state of (in)security – Frank 403-291-9811

Leave a Reply

Your email address will not be published. Required fields are marked *