Cesar Anjos

About Cesar Anjos

Cesar Anjos is Sucuri's Malware Researcher who joined the company in 2014. Cesar's main responsibilities include keeping up with the latest malware and writing about it. His professional experience covers over five years in the area. When Cesar isn't researching, he's finding a way to exercise his mind with anything. Connect with him on our Twitter.

March 18, 2021Cesar Anjos

Server Side Data Exfiltration via Telegram API

One of the themes commonly highlighted on this blog includes the many creative methods and techniques attackers employ to steal data from compromised websites. Credit card skimmers, credential and password hijackers, SQL injections, and even malware on the server level can be used for data…

December 15, 2020Cesar Anjos

Why You Should Monitor Your Website

In an effort to maintain unauthorized access or profit off a website’s environment long after an initial compromise, attackers commonly leverage a variety of different techniques and tactics. These techniques…

November 17, 2020Cesar Anjos

Evasive Maneuvers in Data Stealing Gateways

We have already shared examples of many kinds of malware that rely on an external gateway to receive or return data, such as different malware payloads. During a recent investigation,…

April 6, 2020Cesar Anjos

Analyzing & Decrypting L4NC34’s Simple Ransomware

We’re constantly seeing news about computers being infected by ransomware, but very little do we hear about it affecting websites. That being said, the impact can be serious if the…

March 13, 2020Cesar Anjos

Innocent Defacement

When we talk about defacements, we’re usually referring to attacks leading to a visual takeover of a website’s page ― consider it a form of vandalism or graffiti. Often distributed…

Password Attacks 101

One of the most common attacks carried out nowadays is related to cracking passwords, but most people probably just know about brute-forcing. There are, in fact, other kinds of attacks…

Down the Malware Rabbit Hole: Part II

In our last post in this series, we took a look at a code snippet that had been encoded in a very specific way — and hidden 91 layers deep….

October 3, 2019Cesar Anjos

Down the Malware Rabbit Hole – Part 1

It’s common for malware to be encoded to hide itself—or its true intentions—but have you ever given thought to what lengths attackers will go to hide their malicious code? In…

August 5, 2019Cesar Anjos

User adder backdoor

As we’ve seen many times before, there are a variety of backdoors that can be planted on a website. Post-compromise, it’s almost mandatory to review the list of users with…

Lightbox Adware – From Innocent Scripts to Malicious Redirects

It’s no news that webmasters commonly make use of external scripts to add more features to their site, but things can turn out for the worse quite easily. What if…

May 22, 2019Cesar Anjos

Hosting page templates causing your website ad campaign to be blocked

It’s quite common that hosting providers have templates set for pages like 40x and 50x error pages but it’s uncommon for those templates to have ads in them, or even…