Malware Dropper Takes Advantage of COVID-19 Pandemic
Krasimir Konov Since April, our team has been tracking the spread of a PHP malware dropper. It’s impacting unsuspecting victims who thought they were downloading a mapping…
Search Results
dropper
30 posts
Backdoor Shell Dropper Deploys CMS-Specific Malware
A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized access to the site and…
Obfuscated WordPress Malware Dropper
Luke Leal It goes without saying that evasive maneuvering is at the top of a hacker’s priority list. Most often, they try to evade detection by obfuscating…
PHP Dropper Concealed in Malicious WordPress Plugin
Moe Obaid – an analyst from our Remediation Team – recently found a PHP dropper that had been installed as a malicious WordPress plugin. Unlike…
Troldesh Ransomware Dropper
Over the past few weeks, we’ve seen an increase in Troldesh ransomware using compromised websites as intermediary malware distributors. The malware often uses a PHP…
Cryptomining Dropper and Cronjob Creator
Recently, someone reached out to us about a malicious process they had discovered running on their web server. This process was maxing out the CPU,…
W97M/Downloader Malware Dropper Served from Compromised Websites
Bruno Zanelato W97M/Downloader is part of a large banking malware operation that peaked in March 2016. Bad actors have been distributing this campaign for well over a…
Fake Font Dropper
Moe O Every day we see different website infections. When we receive unusual or interesting cases, our researcher instincts are triggered to investigate the unusual website behavior…
Fake Font Dropper
A website owner reached out to us to investigate a weird behavior on their site. It was randomly showing a popup window for a missing…
The elegant dropper – reusable code for PHP shell installation
Yuliyan Tsvetkov During our malware research role, we analyze hundreds (if not thousands) of malware samples every day. Quite often, highly-obfuscated techniques are used by attackers to…
Massive Abuse of Abandoned Eval PHP WordPress Plugin
Ben Martin Attackers are always finding new and creative ways to compromise websites and maintain their foothold in environments. This is frequently done via the use of…