Joomla SEO Spam Injector: Obfuscated PHP Backdoor Hijacking Site Visitors
Puja Srivastava Overview During a recent malware cleanup investigation, we encountered a compromised Joomla website where the site owner reported a strange issue. Their website displayed a…
Search Results
backdoor
551 posts
WordPress Auto-Login Backdoor Disguised as JavaScript Data File
During a recent investigation, we discovered a sophisticated WordPress backdoor hidden in what appears to be a JavaScript data file. This malware automatically logs attackers…
Hidden WordPress Backdoors Creating Admin Accounts
During a recent cleanup of a compromised WordPress website, we discovered two different malicious files designed to silently manipulate administrator accounts. Attackers often inject such…
Uncovering a Stealthy WordPress Backdoor in mu-plugins
Recently, our team uncovered a particularly sneaky piece of malware tucked away in a place many WordPress users don’t even know exists: the mu-plugins folder.…
Stealthy WordPress Malware Drops Windows Trojan via PHP Backdoor
Last month, we encountered a particularly interesting and complex malware case that stood out from the usual infections we see in compromised WordPress websites. At…
Malicious WordPress Plugin Creates Hidden Admin User Backdoor
Matt Morrow I recently wrote about a case where a malicious plugin was used to steal admin credentials. Here we will examine yet another malicious plugin that…
Credit Card Skimmer and Backdoor on WordPress E-commerce Site
The battle against e-commerce malware continues to intensify, with attackers deploying increasingly sophisticated tactics. In a recent case at Sucuri, a customer reported suspicious files…
Hidden Backdoors Uncovered in WordPress Malware Investigation
At Sucuri, we often encounter cases where malware is deeply embedded in websites, hidden in files and scripts that can easily escape detection. In this…
Backdoors: The Hidden Threat Lurking in Your Website
Kyle Knight Website backdoors are a silent yet deadly threat to website security. These stealthy mechanisms bypass standard authentication, providing attackers with persistent, unauthorized access to a…
PHP Reinfector and Backdoor Malware Target WordPress Sites
We recently observed a surge in WordPress websites being infected by a sophisticated PHP reinfector and backdoor malware. While we initially believed that the infection…
Remote Code Execution Backdoor Uses Unicode Obfuscation & Non-Standard File Extensions
Ben Martin Readers of this blog will know that attackers are constantly finding new ways to hide their malware and avoid detection; after all, that’s what good…