Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
  • Immediate Help
Login
Login

New Customer?

Sign up now.
  • Submit a ticket
  • Knowledge base
  • Chat now

Denis Sinegubko

194 posts
Denis Sinegubko is Sucuri’s Senior Malware Researcher who joined the company in 2013. Denis' main responsibilities include researching emerging threats and creating signatures for SiteCheck. The founder of UnmaskParasites, his professional experience covers over 20 years of programming and information security. When Denis isn’t analyzing malware, you might not find him online at all. Connect with him on Twitter.
New Xjquery Wave of WordPress SocGholish Injections
  • Website Malware Infections
  • Website Security
  • WordPress Security

Xjquery Wave of WordPress SocGholish Injections

  • Denis Sinegubko
  • May 9, 2023
In November, 2022, my colleague Ben Martin described how hackers were using zipped files and encrypted WordPress options stored in the database to inject SocGholish…
Read the Post
Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign
  • Website Malware Infections
  • Website Security
  • WordPress Security

Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign

  • Denis Sinegubko
  • April 6, 2023
Our team at Sucuri has been tracking a massive WordPress infection campaign since 2017 — but up until recently never bothered to give it a…
Read the Post
Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network
  • Website Malware Infections
  • Website Security
  • WordPress Security

Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network

  • Denis Sinegubko
  • January 24, 2023
Every so often attackers register a new domain to host their malware. In many cases, these new domains are associated with specific malware campaigns, often…
Read the Post
Chinese Gambling Spam Leverages World Cup Keywords
  • Website Malware Infections
  • Website Security

Chinese Gambling Spam Targets World Cup Keywords

  • Denis Sinegubko
  • December 2, 2022
Since 2018, our team has been tracking an interesting type of website infection where the <title> tag of a hacked website is changed to Chinese…
Read the Post
New Wave of SocGholish cid=27x Injections
  • Website Malware Infections
  • Website Security

New Wave of SocGholish cid=27x Injections

  • Denis Sinegubko
  • November 23, 2022
On November 15th, Ben Martin reported a new type of WordPress infection resulting in the injection of SocGholish scripts into web pages. The attack loads…
Read the Post
Gambling SEO Spam in Visual Composer Raw HTML Element: vc_raw_html
  • Website Malware Infections
  • Website Security
  • WordPress Security

Gambling Spam in Visual Composer Raw HTML Element: [vc_raw_html]

  • Denis Sinegubko
  • September 14, 2022
Bad actors often look for clever ways to boost the rankings and visibility of their spam pages in search. One of the many black hat…
Read the Post
SocGholish and NDSW NDSX malware, FakeUpdates, SilverFish (SolarWind) and ransomware
  • Security Education
  • Sucuri Labs
  • Website Malware Infections
  • Website Security
  • WordPress Security

SocGholish Malware: Script Injections, Domain Shadowing, IPs & Obfuscation Techniques

  • Denis Sinegubko
  • August 16, 2022
In June 2022, we shared information about the ongoing NDSW/NDSX malware campaign which has been one of the most common website infections detected and cleaned…
Read the Post
SiteCheck Q2 2022 Report
  • Ecommerce Security
  • Security Education
  • Sucuri
  • Website Malware Infections
  • Website Security
  • WordPress Security

SiteCheck Malware Trends Report – Q2 2022

  • Denis Sinegubko
  • July 7, 2022
For the latest malicious scripts, check out our SiteCheck 2023 Mid-Year Malware Trends report. Conducting an external website scan for indicators of compromise is one…
Read the Post
Analysis of the Massive NDSW/NDSX Malware Campaign
  • Security Education
  • Website Malware Infections
  • Website Security
  • WordPress Security

Analysis of the Massive NDSW / NDSX Malware Campaign

  • Denis Sinegubko
  • June 2, 2022
Recently, Avast’s researchers Pavel Novák and Jan Rubín posted a detailed writeup about the “Parrot TDS” campaign involving more than 16,500 infected websites. Such massive…
Read the Post
X-Cart Skimmer with DOM Based Obfuscation
  • Ecommerce Security
  • Security Education
  • Website Malware Infections
  • Website Security

X-Cart Skimmer with DOM-based Obfuscation

  • Denis Sinegubko
  • May 17, 2022
Our lead security analyst Liam Smith recently worked on an infected X-Cart website and found two interesting credit card stealers there — one skimmer located…
Read the Post
WordPress Redirect Hack via Test0.com/Default7.com
  • Website Malware Infections
  • Website Security
  • WordPress Security

WordPress Redirect Hack via Test0.com/Default7.com

  • Denis Sinegubko
  • June 4, 2021
Malicious redirect is a type of hack where website visitors are automatically redirected to some third-party website: usually it’s some malicious resource, scam site or…
Read the Post
Search
Sucuri Sidebar Malware Removal to Signup Page
Sucuri Logo

Let’s Connect

Products
Website Firewall Website Security Platform WordPress Security Website Backups Hack Assistance Pricing
Solutions
DDoS Protection Malware Detection Malware Removal Malware Prevention Blacklist Removal SEO Spam Removal
USE CASES
Developers Ecommerce Agency Plans Enterprise Services HTTPS/2 Virtual Patching
Support
Knowledge Base SiteCheck Guides Research Labs Report Abuse Status Report
Company
About Sucuri Contact Blog Referral Partners Testimonials
Terms of Use Privacy Policy Do Not Sell My Personal Information Frequently Asked Questions

© 2025 GoDaddy Mediatemple, Inc., d/b/a Sucuri. All rights reserved.

back to top

'