Douglas Santos

11 posts

Douglas Santos is Sucuri’s Malware Analyst who joined the company in 2015. Douglas main responsibilities include helping our customers. His professional experience covers 17 of ethical hacking. When Douglas isn’t poking malware code, you might find him doing landscape photography and hacking games. Connect with him on our Twitter.

Fake WordPress Functions Conceal assert() Backdoor

Douglas Santos
December 8, 2020

A few weeks ago, I was manually inspecting some files on a compromised website. While checking on a specific WooCommerce file, I noticed something interesting.…

Lightbox Adware - From Innocent Scripts to Malicious Redirects

Why is Your Website a Target? The SEO Value of a Website

Douglas Santos
June 24, 2019

Website security is what we eat, sleep, and breathe. It’s what we do best because we deal with hacked websites every single day, thousands of…

A Puzzling Backdoor Upload

Douglas Santos
May 3, 2018

After a successful compromise, backdoors are frequently left behind and function as a point of re-entry into the website environment. These malicious pieces of code…

Javascript Injection Creates Rogue WordPress User

WordPress Security

Javascript Injection Creates Rogue WordPress Admin User

Douglas Santos
December 14, 2017

Earlier this year, we faced a growing volume of infections related to a vulnerability in outdated versions of the Newspaper and Newsmag themes. The infection…

Sucuri Labs

The Tale of a Malicious Stored Procedure

Douglas Santos
November 22, 2016

Nowadays, the most common issues with database injections are related to SPAM. Brian Krebs has a book called Spam Nation, that gives us a more…

Sucuri Labs

Malicious routine stealing WordPress credentials in the wild

Douglas Santos
November 11, 2016

From the hacker’s perspective, maintaining access to a compromised website for as long as possible, is ideal. One way to achieve this goal, is by…

Sucuri Labs

Joomla Backdoor Hidden in Plain Sight

Douglas Santos
August 31, 2016

In order to avoid detection and maintain access to compromised websites, attackers use different techniques to hide their malicious code. During our cleanup investigation we…

200k+ Parked/Expired Domains Used to Distribute Malicious Ads

Douglas Santos
June 29, 2016

Recently we wrote about domain renewal scams that used real paper letters to tricks site owners into transferring their domains and renewing them for 3-4x…

Sucuri Labs

MiniCMS as a Spam Site Generator

Douglas Santos
June 14, 2016

SEO spam is very common for a reason — money. Spammers are paid to promote websites on Google. We deal with lots of SEO spam…

WP Mobile Detector Vulnerability Being Exploited in the Wild

Douglas Santos
June 2, 2016

***Update: The WP Mobile Detector plugin has been patched to address the vulnerability. Please update as soon as possible. Note that the latest version don’t…

Sucuri Labs

Magento CC stealer adding user’s credentials to the loot

Douglas Santos
May 25, 2016

While analyzing a compromised Magento site, we found another Credit Card (CC) stealer variation. We posted a few times about this type of malware, but…