Denis Sinegubko

194 posts

Denis Sinegubko is Sucuri’s Senior Malware Researcher who joined the company in 2013. Denis' main responsibilities include researching emerging threats and creating signatures for SiteCheck. The founder of UnmaskParasites, his professional experience covers over 20 years of programming and information security. When Denis isn’t analyzing malware, you might not find him online at all. Connect with him on Twitter.

Web Swiper in Image Title

Denis Sinegubko
January 27, 2020

Cybercriminals regularly try a variety of approaches to hide their malicious code — web skimmers are well known for using all sorts of obfuscation and…

Read the Post

Fake AmeriCommerce Shopping Cart

Denis Sinegubko
January 23, 2020

Our malware analyst Liam Smith recently found malware on a client’s site that targets ecommerce sites powered by AmeriCommerce software. A popular ecommerce software solution…

Read the Post

5 Year Anniversary of the SoakSoak Malware Tsunami

Denis Sinegubko
December 19, 2019

This is a story about the SoakSoak malware campaign that proved that you can’t underestimate impact of security issues in popular premium software. These days,…

Read the Post

Unmasking Black Hat SEO for Dating Scams

Denis Sinegubko
December 12, 2019

Malware obfuscation comes in all shapes and sizes — and it’s sometimes hard to recognize the difference between malicious and legitimate code when you see…

Read the Post

Vulnerable Versions of Adminer as a Universal Infection Vector

Denis Sinegubko
November 9, 2019

This past week, we’ve been monitoring a new wave of website infections mostly impacting WordPress and Magento websites. We found that hackers have been injecting…

Read the Post

Skimmers for Both Magento and WordPress

Denis Sinegubko
November 7, 2019

We often write about malware that steal payment information from sites built with Magento and other types of e-commerce CMS. When discussing credit card skimmers…

Read the Post

Size for Opera: Hiding Spammy Links

Denis Sinegubko
November 5, 2019

There are many different tricks hackers use to make injected spam links invisible to regular visitors. Below is an example employed by one link spam…

Read the Post

Pharma Spam Redirects to .su & .eu Sites

Denis Sinegubko
November 4, 2019

We regularly clean all sorts of black hat SEO infections. During these infection cleanups, we often find compromised websites redirecting visitors to fake “Canadian Pharmacy”…

Read the Post

HTML entity encoding in WordPress malware

Data URLs and HTML Entities in New WordPress Malware

Denis Sinegubko
October 30, 2019

Last week, an ongoing WordPress malware campaign started a new wave which included a variety of experimental injection types. Scripts as Data URLs The first…

Read the Post

Fake UpdraftPlus Plugins

Denis Sinegubko
October 17, 2019

We often find various fake WordPress plugins installed by hackers during website cleanups. Recently, we’ve noticed a new wave of infections that install fake plugins…

Read the Post

Sucuri_encrypted: Magento Malware

Denis Sinegubko
October 17, 2019

In an effort to make malicious code appear to be credible, hackers commonly piggyback on the names of reputable, well-known companies and services. Typical examples…

Read the Post