• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Labs Notes Monthly Recap – June/2017

July 20, 2017Estevao AvillezEspanolPortugues

12
SHARES
FacebookTwitterSubscribe

This month, our Malware Research and Incident Response teams wrote about redirects that deliver malware and ads to visitors, as well as a backdoor method that attempts to hide from webmasters by using undefined variables.

Sucuri Labs provides website malware research updates directly from our teams on the front line. You can read past monthly recaps to catch up on trends we look at every month.

How Undefined Variables Can Give You RCE

Fernando Barbosa

We look at a backdoor that uses undefined variables to hide a backdoor. These variables are ignored, allowing the remaining code to be executed.

Once the invalid variables were removed, we could clearly see a backdoor that allows the attacker full remote command access to the infected website.

Read More

Undesired Redirects

Cesar Anjos

A piece of obfuscated code in a WordPress theme’s header.php file is used to change the browser history of visitors.

If a visitor clicks the Back button in their browser, they are taken to a page that downloads rootkits and causes pop-up ads to be displayed.

Read More

Yet Another Expired Domain Causes WP Plugin to Redirect Users

Krasimir Konov

An old plugin in the WordPress repository has been unsupported for over two years. As part of the plugin, external scripts were loaded from the developer’s website.

It seems that this developer has let that domain expire. A malicious person took over the domain and started using it to cause JavaScript-based redirects for all websites using the plugin. This is why we always highly recommend that developers do not load resources from external websites.

Read More

12
SHARES
FacebookTwitterSubscribe

Categories: Security Education, Sucuri UpdatesTags: Industry Reports, Malware Updates

About Estevao Avillez

Estevao Avillez is Sucuri’s Senior Director of Security Research, who joined the company in 2013. Estevao’s main responsibilities include leading the Research Group, which includes the Malware, Vulnerability and WAF/Sucuri Infrastructure. His professional experience covers 15 years with planning, project and operations management. Estevao has also worked in various areas such as logistics and supply chain, media and communication, telecommunications, and trading relationships with customers. He’s worked as a consultant in financial, strategic and operational management. When Estevao isn’t keeping our customers safe, you might find him taking care of his kids and running. Connect with him on Twitter.

Reader Interactions

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Getting Started with Sucuri Webinar

Getting Started with Sucuri Guide

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2021 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.