Cesar Anjos

About Cesar Anjos

Cesar Anjos is Sucuri's Malware Researcher who joined the company in 2014. Cesar's main responsibilities include keeping up with the latest malware and writing about it. His professional experience covers over five years in the area. When Cesar isn't researching, he's finding a way to exercise his mind with anything. Connect with him on our Twitter.

April 6, 2020Cesar Anjos

Analyzing & Decrypting L4NC34’s Simple Ransomware

We’re constantly seeing news about computers being infected by ransomware, but very little do we hear about it affecting websites. That being said, the impact can be serious if the affected website is the webmaster’s only source of income or a business relies entirely on…

March 13, 2020Cesar Anjos

Innocent Defacement

When we talk about defacements, we’re usually referring to attacks leading to a visual takeover of a website’s page ― consider it a form of vandalism or graffiti. Often distributed…

Password Attacks 101

One of the most common attacks carried out nowadays is related to cracking passwords, but most people probably just know about brute-forcing. There are, in fact, other kinds of attacks…

Down the Malware Rabbit Hole: Part II

In our last post in this series, we took a look at a code snippet that had been encoded in a very specific way — and hidden 91 layers deep….

October 3, 2019Cesar Anjos

Down the Malware Rabbit Hole – Part 1

It’s common for malware to be encoded to hide itself—or its true intentions—but have you ever given thought to what lengths attackers will go to hide their malicious code? In…

August 5, 2019Cesar Anjos

User adder backdoor

As we’ve seen many times before, there are a variety of backdoors that can be planted on a website. Post-compromise, it’s almost mandatory to review the list of users with…

Lightbox Adware – From Innocent Scripts to Malicious Redirects

It’s no news that webmasters commonly make use of external scripts to add more features to their site, but things can turn out for the worse quite easily. What if…

May 22, 2019Cesar Anjos

Hosting page templates causing your website ad campaign to be blocked

It’s quite common that hosting providers have templates set for pages like 40x and 50x error pages but it’s uncommon for those templates to have ads in them, or even…

May 3, 2019Cesar Anjos

Cronjob Backdoors

Attackers commonly rely on backdoors to easily gain reentry and maintain control over a website. They also use PHP functions to further deepen the level of their backdoors. A good…

Using Innocent Roles to Hide Admin Users

All across the internet, we find guides and tutorials on how to keep your WordPress site secure. Most of them approach the concept of user roles, but not many actually…

July 24, 2018Cesar Anjos

Browser Extension Bug Leads to Post Injection

A few years ago, we saw how a browser extension introduced a threat to serve unwanted ads. Today, the number of browser extensions available to users has grown, along with…