Denis Sinegubko

194 posts

Denis Sinegubko is Sucuri’s Senior Malware Researcher who joined the company in 2013. Denis' main responsibilities include researching emerging threats and creating signatures for SiteCheck. The founder of UnmaskParasites, his professional experience covers over 20 years of programming and information security. When Denis isn’t analyzing malware, you might not find him online at all. Connect with him on Twitter.

Uncategorized

How Scammers Abuse Baidu Search Results

Denis Sinegubko
December 12, 2016

If you use Skype, recently you may have received Baidu link spam from some of your contacts. The links look like this: www.baidu[.]com/link?url=_QIcrpeV-oOPb6HGTgigvW00e0fiBQyFjSui12FrARO#emubahyt= When you click…

Read the Post

Sucuri Labs

“Play One” Hidden Style Obfuscation

Denis Sinegubko
December 9, 2016

For many years, spam injections placed inside legitimate pages remain one of the prevalent types of black hat SEO hacks that we clean. Hackers constantly…

Read the Post

Uncategorized

Website Spam Infection via Zip File Upload

Denis Sinegubko
November 21, 2016

Since the beginning of November we’ve been cleaning many sites infected with the same SEO spam malware. The malware creates doorways for hundreds of random…

Read the Post

Learning From Buggy WordPress Wp-login Malware

Denis Sinegubko
October 31, 2016

When a site gets hacked, the attack doesn’t end with the malicious payload or spam content. Hackers know that most website administrators will clean up…

Read the Post

Sucuri Labs

WP Marketplace Attack in the Wild

Denis Sinegubko
October 17, 2016

A few days ago, colleagues from White Fir Design disclosed an arbitrary file upload vulnerability in the WP Marketplace plugin and helped remove it from…

Read the Post

Sucuri Labs

Hijacking PayPal Donations

Denis Sinegubko
September 21, 2016

Recently we wrote about how hackers hijacked payment process on an ecommerce site and redirected customers to a fake checkout page on a third-party site.…

Read the Post

Hacking WordPress Sites on Shared Servers

Denis Sinegubko
September 19, 2016

A website is only as safe as the weakest link on its shared server. Once a hacker gains access to one site on the server,…

Read the Post

Sucuri Labs

Stealing Credit Card Details from PrestaShop

Denis Sinegubko
August 23, 2016

We wrote multiple times about various attacks on e-commerce sites that try to steal credit card details of their customers. In most cases, all such…

Read the Post

Sucuri Labs

Undeletable Doorway. Kind of.

Denis Sinegubko
August 18, 2016

Recently we cleaned a site that had a malicious wp-page.php file at the root of the WordPress site. It was responsible for pharma spam doorways…

Read the Post

Security Advisory

Fake FreeDNS Used to Redirect Traffic to Malicious Sites

Denis Sinegubko
July 29, 2016

During the last couple of days, we performed a few similar cleanup requests where sites occasionally redirected visitors to malicious sites that displayed ads, spam,…

Read the Post

Sucuri Labs

Malicious ShopSearcher Script

Denis Sinegubko
July 22, 2016

We see a strong trend in hacking ecommerce sites in order to hijack payment process and steal customers credit card details. During the last couple…

Read the Post