PHP Reinfector and Backdoor Malware Target WordPress Sites
Puja Srivastava We recently observed a surge in WordPress websites being infected by a sophisticated PHP reinfector and backdoor malware. While we initially believed that the infection…
Search Results
backdoor
511 posts
Remote Code Execution Backdoor Uses Unicode Obfuscation & Non-Standard File Extensions
Ben Martin Readers of this blog will know that attackers are constantly finding new ways to hide their malware and avoid detection; after all, that’s what good…
Konami Code Backdoor Concealed in Image
Attackers are always looking for new ways to conceal their malware and evade detection, whether it’s through new forms of obfuscation, concatenation, or — in…
Backdoor Targets FreePBX Asterisk Management Portal
Krasimir Konov Written in PHP and JavaScript, FreePBX is a web-based open-source GUI that manages Asterisk, a voice over IP and telephony server. This open-source software allows…
Wordfence Evasion Malware Conceals Backdoors
Malware authors, with some notable exceptions, tend to design their malicious code to hide from sight. The techniques they use help their malware stay on…
Examining Emerging Malware: Website Backdoors
Next up in our “This didn’t quite make it into the 2021 Threat Report, but is still really cool” series: New and emerging backdoor variants…
What is a Website Backdoor?
Allison Bondi What is a Backdoor? A backdoor provides a shortcut for authorized or unauthorized users to gain access to an unauthorized location of a website, software,…
Examining Unique Magento Backdoors
Liam Smith During a recent investigation into a compromised Magento ecommerce environment, we discovered the presence of five different backdoors that would provide attackers with code execution…
SQL Triggers in Website Backdoors
Luke Leal Over the past year, there’s been an increasing trend of WordPress malware using SQL triggers to hide malicious SQL queries within hacked databases. These queries…
Evaluating Cookies to Hide Backdoors
Identifying website backdoors is not always an easy task. Since a backdoors primary function is to conceal itself while providing unauthorized access, they are often…
Fake WordPress Functions Conceal assert() Backdoor
Douglas Santos A few weeks ago, I was manually inspecting some files on a compromised website. While checking on a specific WooCommerce file, I noticed something interesting.…