Denis Sinegubko

194 posts

Denis Sinegubko is Sucuri’s Senior Malware Researcher who joined the company in 2013. Denis' main responsibilities include researching emerging threats and creating signatures for SiteCheck. The founder of UnmaskParasites, his professional experience covers over 20 years of programming and information security. When Denis isn’t analyzing malware, you might not find him online at all. Connect with him on Twitter.

Website Security

Phishing for Anonymous Alligators

Denis Sinegubko

October 6, 2015

Everyone has encountered phishing at some point – fake emails and web pages designed to look legitimate. This tactic is becoming more popular as attackers…

Read the Post

Sucuri Labs

Malware in comments

Denis Sinegubko

October 5, 2015

There are many tricks to hide malicious code. One of them is placing it to the part of legitimate files where people don’t normally expect…

Read the Post

Sucuri Labs

FormCraft v1.4.6 under attack

Denis Sinegubko

October 1, 2015

As we clean many sites infected by the VisitorTracker malware, we see vulnerabilities in multiple plugins being exploited by attackers. For example, my colleagues John…

Read the Post

Website Security

Analyzing Black Hat URL Shorteners

Denis Sinegubko

September 29, 2015

Hackers are known to use URL shortening services to obfuscate their real landing pages. It’s very effective in clickbait scams on social networks. Some hackers…

Read the Post

Sucuri Labs

Minimalistic WordPress injection

Denis Sinegubko

September 23, 2015

WordPress-specific malware is slightly different than generic PHP malware. Inside WordPress files, it can use WordPress API and WordPress database. This allows to create this…

Read the Post

Website Malware Infections

.htaccess Tricks in Global.asa Files

Denis Sinegubko

September 22, 2015

As you might know a lot of hacks use Apache configuration .htaccess files to override default web site behavior: add conditional redirects, create virtual paths…

Read the Post

Malicious Google Search Console Verifications

Denis Sinegubko

September 8, 2015

This past summer we noticed a trend of more and more Blackhat SEO hacks trying to verify additional accounts as owners of compromised sites in Google Search…

Read the Post

Sucuri Labs

Hacked Sites Help Hack Third-Party Sites

Denis Sinegubko

September 8, 2015

Just a reminder that your hacked site may be used to anonymously hack third-party sites. This Joomla com_Myblog exploit script was found on one hacked…

Read the Post

Sucuri Labs

Tag-cloud-generator com script redirects to parked domains

Denis Sinegubko

August 31, 2015

Today we found a few websites that loaded strange code from tag-cloud-generator[.]com. Sites tried load several image and font files from this site, but they…

Read the Post

Sucuri Labs

Fake Social Share WordPress Plugin Creates Pharma Spam Doorways

Denis Sinegubko

August 26, 2015

We found infected sites where malware created a fake WordPress plugin that generated pharma spam doorways. Path: wp-content/plugins/social-share/wp-social-share.php This file creates wp-content/plugins/social-share/share.php that calls itself…

Read the Post

WordPress Security

Wigo Means Bingo for Blackseo Agent

Denis Sinegubko

August 18, 2015

This week my colleague Peter Gramantik showed me a few infected sites that had very similar code embedded in the WordPress index.php files: if (eregi(‘-dbst’,$_SERVER[‘REQUEST_URI’]))…

Read the Post