Service Overall rating: ★★★★★ 5 based on 23 reviews
5 1

BlogSimplio Labs Blog

“Once we accept our limits, we go beyond them.”

Albert Einstein

Massive WordPress Infections Reported!

Uncategorized No Comment

PublicWWW finds the most common patterns of this malware on thousands of sites:

Database Injections

Multiple variations of the injected scripts have been found. For example, when the attackers have access to the WordPress database, they inject the following script into blog posts (wp_posts table):

It loads an obfuscated script, which then loads a sequence of scripts from hxxps://www.learningtoolkit[.]club/link.php, then hxxps://mp3menu[.]org/mp3.js, and eventually redirects to tech support scam sites.


Reinfections of the Same Posts

On some sites, hackers aren’t even bothering to remove older versions of their scripts. You can find multiples scripts injected into the same posts by different waves of the malware campaign.


Malware in wp_options Table

The obfuscated learningtoolkit[.]club script that begins with “var _0xfcc4=” can also be found in the wp_options table. This happens when hackers exploit vulnerabilities in certain themes and plugins. The most common victims are sites with old tagDiv themesor unpatched versions of the Smart Google Code Inserter plugin.

In the latter case, the malware is injected into the “sgcgoogleanalytic” option where the plugin stores the Google Analytics tracking code.



If the attackers manage to get access to the file system, after uploading backdoors, they try to infect .php and .js files of the compromised sites.

The infection process begins with uploading a backdoor. We find them in site roots, in wp-content/uploads, or within other directories where the exploited vulnerability allows it.

Here are some typical names and paths of the backdoors:

The backdoor saves base64-decoded contents of the “q” parameter into the “cleartemp” file, then includes it to execute. It then immediately deletes the created file.

All the backdoors have similar content, just different parameters and names of the temporary files: cleartemptempotempltempleb, fgdfgdfg. Sometimes, the temporary files are created in /tmp or /var/tmp directories.


Worried That Your Website Might Be Infected? Click the Button Below to Call Us!


Second Level of the Backdoor

The code of the temporary files described above is another level of the backdoor. This time, it loads the content of a remote file (p4.txt or tpn2pp.txt) from a server with the IP address 190 .97. 167. 206, and saves it to yet another temporary file with name hjghjerg or minteasd.  It then includes the saved file to execute its base64-decoded code and deletes the file. For some reason after that, the backdoor executes the same code again, this time using the eval function.


Malware Injectors in Hjghjerg

Code in the hjghjerg file is responsible for injecting malware into website files. Over time, we have collected quite a few variations:

Currently, the most common version of the new infection injects the “var _0xfcc4” script into all files that have the <head> tag (for example, header.php in WordPress themes or almost any .html file).

The script is injected right after the opening <head> tag and right before the closing </head> tag. A side effect of this attack is that permissions of the infected files are changed to 777 (full permission for everyone). Keep this in mind when cleaning sites – you might want to revert their permission back to something like 644, or even a stricter file permission.


Payload to Infect JavaScript Files

Here’s another variation of the hjghjerg file injecting the same script into any JavaScript files with names containing jquery.

In this case, the malicious script is injected at the very top of the files immediately before their legitimate content.

The find command for the jQuery-related .js files has improved since the August version where we reported a bug that resulted in malware being injected into non-.jsfiles, including WordPress core CSS files.


Coding Style and Dealing with Reinfections

The coding style is very sloppy. There are no checks for errors or any fallback mechanisms.

Note: These versions try to inject new scripts into all suitable files. They don’t check if they have previous versions of the malware, which results in multiple infections of the same sites. Sometimes, the hjghjerg file contains code to replace previous payload with a new one. e.g. the examhome[.]net script to the learningtoolkit[.]club script. However, even in this case, it only takes care of one specific variation of their previous injection and neglects all other waves that used different scripts.


Hotopponents Version of the hjghjerg File

Some versions of the hjghjerg file inject different variations of the scripts.  In this case, it’s an external script from hxxps://hotopponents[.]site/site.js?wtr=1injected into files with the <head> tag and an obfuscated code that loads “hxxps://hotopponents[.]site/site.js?wtr=2” injected into jQuery related JavaScript files.


Cross-site Infections

As you might have noticed, the injector uses the find command that starts searching for victim files from the server root level: “find / …”. This means that if the site and account isolation on the server is not good enough, even one compromised site will be enough to infect all sites that share the same account – or even the whole server, in a worst-case scenario.

Of course, it’s hard to break out of the account level using this approach, even if the find command locates files that belong to different accounts (which doesn’t happen on most properly configured shared servers). Most likely, the script will not have sufficient permissions to modify them – unless the files had too broad permissions (e.g. 666 or 777) in the first place. This could happen, for example, if those third-party sites had been infected with the same malware and then cleaned without restoring the original permissions (remember, the injector changes permissions to 777?).

Another approach used by the same campaign can theoretically be successful in breaking out of the compromised account on a small number of misconfigured shared servers since it only needs read permissions.


Database wp-config.php Vector

The following code is also found in some variations of the hjghjerg file.

This injector searches for all wp-config.php files on the server and then reads database credentials from them. After that, it connects to the mySQL database, searches for the “wp-posts” tables there, and appends the malicious scripts at the end of WordPress posts (post_content field).

On most modern shared servers, the scope of this injector will also be limited to the compromised account. However, if the account isolation is not properly configured (which still rarely happens on some servers of small/amateur hosting providers), all WordPress sites on the server can be infected because of just one vulnerable site.



This long-lasting malware campaign demonstrates that all aspects of website security matter. Hackers don’t go for just a single vulnerability. They use a constantly updated kit of tools and exploits that help them maximize the effectiveness of their attacks.

Fully patched themes and plugins, strong passwords changed after any compromise, correct server configuration and site isolation, strict permissions of files with sensitive data – missing any of these components increases chances of a website compromise.

If you believe your site has been compromised by this attack, we can help. Contact us immediately at (888) 766-3315, or send an email by clicking HERE.

If your website is very outdated it may be for the best to do complete redesign sooner rather than later. This should also improve your security immensely. Visit THIS page to learn more and get a quote. We have special offers in store for our repeated customers.

The 10 Best Note Taking Apps (Evernote and OneNote Alternatives)

Uncategorized No Comment

best-note-taking-appsTaking important notes at crucial times is often the hardest part of someone’s work. Gone are the days when people used to carry small writing pads. Now, people refrain from using the conventional pen and paper and use the new technology to jot down important notes.

When you are at the office or at your home, the closest thing you have is either your smartphone or your laptop. So it is essential that the device is equipped with a good app that would help you take down notes quickly. We all know of Evernote and OneNote, they are the two giants when it comes to note-taking. But did you ever wonder if there are other good note taking apps out there?

Here are the Best 10 Note Taking Apps- (BEST Evernote and OneNote Alternatives)

  • Google Keep

Another quality product from Google, Google Keep allows you to quickly take down notes. The app is quite lightweight and requires less RAM. However, it is loaded with features. You can create checklists and even record audio for transcription. Like all Google Products, Google Keep works with your cloud storage. So all your data is automatically saved.

  • DropBox Paper

Available only to web users, this app quickly allows you to scribble ideas. Then you can attach photos or videos with your idea and then export it as a full-fledged PDF.

  • Bear

This application is exclusive to Mac users. One of the few apps in this sector that offer Mac support, Bear works well for people who keep getting phone calls. You can easily write down notes on your Mac. It is available at $1.49/mo and gives high storage.

  • Box Note

Available across web, Android and iOS, Box Notes offer basic editing tools. Also, it comes with a toolbar, so you can easily edit or organize the written data. This app offers cross-platform synchronization.

  • Apple Note

The best notes app for iPhone users. This app is widely available on iOS, Mac and Windows devices. Windows users can access the Apple Note through the web. It uses your iCloud credentials to sync data across all devices.

  • Quip

This app is available across all the platforms. The application boasts of a simple user interface. It gives you the option of adding another person to the note, so you both can edit it later. However, this app isn’t free and comes at a price of $30/mo.

  • Penultimate

Exclusive to iPad users, this app allows you to scribble and doodle on your iPad. This app was recently acquired by Evernote.

  • Squid

Available for android and windows users. Squid allows you to scribble notes onto your device. Also, it gives you the option to type in the notes using the keyboard. When you are done noting down, just export the file as PDF and view it later.

  • SomNote

Easy note app that allows you to sort your notes according to color. Also, it comes with password protection and encryption. Costs $39.99/mo but also offer a free version.

  • Paperwork

A free open source app that allows you to run your own server. So you can control what you want, when you want. However, it is not easy to execute and is best suited for people who have familiar knowledge of the coding.

new post

Uncategorized No Comment

now the new post working fine

17 Gmail Hacks

Uncategorized No Comment


Gmail  has become a cultural force and not only another email program being largest email service provider. But Gmail can still get better with few hacks and apps floating around the Internet can help in making your experience with your Gmail more enjoyable. These 17 amazing add-ons will make you a Gmail pro.

  1. Find out if there are any Websites which are selling email addresses to marketers on adding “+” sign

Gmail will recognize the “+” sign so as to create an alternate version of email and start monitoring when you receive spam to the new address.

  1. Sortd

Sortd which is a smart skin for Gmail helps in transforming your inbox from just messages to useful lists which can be customized to fit your individual workflow.

  1. Ugly email

Ugly email will notify you regarding which among your emails are getting tracked even before you open them.

  1. Mixmax

It helps in making scheduled meetings much easier and tracks when someone has opened your email so that you will know when can you bug that Person. Also, it lets us create one-click templates.

  1. Mailburn

This is an iPhone app which automatically shows all your Gmail conversations only with natural or real people only. The idea is that all the newsletters, insurance related messages can be taken care with the system but on the phone, only real people conversations are displayed.

  1. Unsubscriber

It helps its users to unsubscribe from many newsletters and spam. This helps to get rid of unnecessary subscriptions from various companies or advertisements.

  1. Mailtrack

This is a chrome extension which helps its users to know when their email was being sent and when the mail was opened. Thus, a track can be kept of all your emails easily.

  1. Snapmail

This chrome extension adds a button right next to “send” button of Gmail which sends self-destructing emails for you. So, when the recipient person opens it, snapmail will inform that in sixty seconds it would self-destruct.

  1. Gmail offline

When the connection is not good or spotty, this feature can come in hand helping you use Gmail even when there is no connection.

  1. Gmail Giphy

Giphy being the world’s great GIF searching company now has a chrome extension which when installed, a little rainbow like Giphy icon starts popping up near formatting icons which lets us make our boring emails a little dramatic.

  1. Gmail dropbox

By using this feature a lot of space can be saved through integrating our dropbox with our Gmail.

  1. Boomerang

This is a plug in which works with Firefox,safari, chrome with the Option ” send later” which helps it’s users to type the email normally and then with the help of calendar set a date on which it should be sent.

13.Finding Big Mail searches

Big Mail is a program that scans the Gmail account and finds some largest files with some attachments etc which is eating up a lot of space. Thus, they can be deleted and space can be saved.

  1. WiseStamp

This is another chrome extension helping you to customize your regular signature  with different color,size etc adding a cool outlook.

  1. Send through Gmail

It is a chrome extension which will make sure Gmail is the default always and so whenever you type an email address it lets Compose window to pop up Gmail.

  1. Grexlt

This chrome extension will create Gmail labels. With these shared labels option, you can add a label to an email conversation in inbox showing your colleagues’ inboxes which is of great help in keeping a track of assignments given.

  1. FullContact

This is a chrome extension which will show you everything you want to know regarding any person who’s sent an email to you. Their tweets, facebook updates can also be checked through FullContact.

Web Design Terms You Need to Know

Uncategorized No Comment


Professional web designers on a global designing platform quite essentially need to be aware of acronyms and buzz words of technicality. This aids in the development and implementation of new technologies and ideas. The frameworks, libraries and languages along with tools are more complex than ever. Thus, it’s quintessential to understand the buzz words.

Let’s take a quick look at it!

  1. HTML, CSS & JavaScript


HTML (Hypertext Markup Language) popularized with HTML5 now and is considered the web language. A piece of content is treated by a web browser with the help of HTML. It allows usage of several tags for the designer to mark the content for semantics as paragraphs can be considered as text copy, also images can be imported.


CSS (Cascading Style Sheets) is a visual rule set to formulate as to how elements should be rendered in a web page by the browser. It modifies text, background, size, position and shape of various parts of the page.


JavaScript a scripting language by its name. It supports designers in creating interactions in a web page. Earlier it was principally used for validation of forms and the pop-ups alert boxes that appeared when a mandatory field is empty (as a telephone number). While now it helps in providing visual effects and loads new contents with no need to reload the page.

  1. Responsive design

Responsive web design is captivating the world with a standard approach of adapting to user’s device in all designs. Irrespective of the web-connected device the content is displayed most appropriately for the view. For example, a page re-paginates with changes in screen size (into multiple columns on desktop or single on a Smartphone)

  1. Semantic markup

Semantic markup a method to coding HTML to describe content and access relevant metadata on the content using markup tags. Like, part of data not directly relevant to the primary content of the page can be marked by <aside>.

  1. SaaS

SaaS (Software as a Service) provides a software platform for delivery of services from or through the cloud. A few examples are Photoshop Express, latest versions of Microsoft Office online and Google Docs. The services provide desktop-like experience to the users without the need of installation of any software, as they are directly accessed from the web.

  1. A/B Testing

A/B testing is a procedure for accomplishing the same result through experimentation and achieves the most effective solution. It tracks the number of users converting to paying customers through alternate layouts using various trail layouts for web pages.

On a continuous repetitive process of assessing, prototyping and conforming, it increases the rate of conversion of individual pages considerably.

The above buzz words and acronyms are to be learnt for better implementation and innovation of a web page or website design. These form the basis for understanding the creation of web pages without which it’s technically impossible to make any. With web- designing ruling the markets, those who seek to utilize the opportunity, try harder to understand.

Stay tuned for our Part 2 of web design terms you need to know!

20 Interesting Facts About the Internet

Uncategorized No Comment


Everyone has been using the internet for decades but you’ll definitely be blown out of your mind reading these interesting facts about the internet. Know more about the internet through these list of facts below.

  1. Ever wondered who holds the backup power to restart the internet in case of any catastrophic event? Well, there are seven persons who hold the key to the internet. In the case of any event which makes the internet shut down, these 7 people have a key to reboot its internal part.
  2. All of us are familiar with the browser names like Mozilla Firefox and Internet Explorer. But the very first and popular web browser was known to be Mosiac which started its services in the year 1993 and was a major part of internet till 1997.
  3. It is a known fact that the internet has taken over TV at a fast pace, but the figures will amaze you. The Internet has gained about 5 million users in just 5 years. It took 13 years for TV to gather these many users.
  4. There are over 1 billion internet users today which are about 20% of world’s population.
  5. An average surfing session lasts about only 51 minutes.
  6. Sweden has the most number of internet users across the world with about 75% of the population using it.
  7. The satellite-based internet availability has made it possible to access the internet all over the world. Still there are certain countries like North Korea and China who are denied the access by the government.
  8. It is estimated that people who use social networking sites like Facebook and Twitter are likely to spend their 10% of lifetime on it.
  9. Asia is a continent with the largest number of internet users i.e. about 42% and about 80% of the world population still not using it.
  10. A good figure of 19% married couple meets online, making it a suitable marriage bureau.
  11. ‘Wake me up’ by Avicii is the most played song on Spotify, an online playlist website.
  12. The first tweet was sent by Jock Dorsey in the year 2002, March 21.
  13. The first ever image on the internet was uploaded by Mr. Berners Lee. It was an image of a joke band of women. The picture was uploaded from the nuclear research lab CERN.
  14. About 16% to 20% of the Google searches are the searches which have never been Googled before. Now this is news!
  15. Mr. Wilhite mentions the correct pronunciation of GIF as ‘jiff’.
  16. ‘Insurance’ is the most expensive Google Adwords keyword.
  17. The first email was sent Ray Tomlinson to himself in the year 1971, he doesn’t remember the contents though.
  18. The fastest rate to log in to Gmail is recorded as 1.16 seconds.
  19. We spend more time browsing on mobile devices than on computers.
  20. The internet is 8352 days old. You can check the latest update on

So, these were some of the amazing and interesting facts about the internet not known to everybody.