Sucuri Blog

Website Security News

Krasimir Konov

About Krasimir Konov

Krasimir Konov is Sucuri's Malware Analyst who joined the company in 2014. Krasimir's main responsibilities include analyzing malicious code, signature creation and documentation of malware. His professional experience covers more than 10 years in the IT field, with nine years involved in IT/cyber security. When he’s not analyzing malware or writing Labs notes, you might find Krasimir riding his motorcycle and traveling the world. Connect with him on Twitter or LinkedIn.

Backdoor Targets FreePBX Asterisk Management Portal

December 15, 2022 | Krasimir Konov

Written in PHP and JavaScript, FreePBX is a web-based open-source GUI that manages Asterisk, a voice over IP and telephony server. This open-source software allows users to build customer phone systems. During a recent investigation, I came across a simple piece of malware targeting FreePBX’s…

How to Securely Shop With Your Credit Card: Use a Virtual Card & Check for Skimmers

December 8, 2022 | Krasimir Konov

The convenience and ease of online transactions has drawn a tremendous number of users to online ecommerce storefronts. And during the pandemic, many consumers switched to online purchases in favor…

The importance of website logs for security and accountability

August 11, 2022 | Krasimir Konov

The Importance of Website & Server Logs

Have you ever looked at your server or website logs and realized that they make absolutely no sense to you? Or thought that logs just seem to take up a…

DHL Phishing Uses Telegram Bot for Exfiltration

July 26, 2022 | Krasimir Konov

DHL Phishing Page Uses Telegram Bot for Exfiltration

One of the quickest ways for an attacker to harvest financial data, credentials, and sensitive personal information is through phishing. These social engineering attacks can typically be found masquerading as…

Malicious C&C Script Used to Manage Botnet

July 12, 2022 | Krasimir Konov

Infected WordPress Site Reveals Malicious C&C Script

Bitcoin prices are down 60% year to date, trading far from the all-time highs of $69,000 seen last November. Some altcoins have plummeted even farther in value, with digital currencies…

Massive JavaScript Injection Campaign Redirects to Ads

May 11, 2022 | Krasimir Konov

Massive WordPress JavaScript Injection Campaign Redirects to Ads 

Our remediation and research teams regularly find malicious redirects on client sites. These infections automatically redirect site visitors to third-party websites with malicious resources, scam pages, or commercial websites with…

Labs Note

December 17, 2020 | Krasimir Konov

The Dangers of Using Abandoned Plugins & Themes

It’s not very often that we see abandoned components being used on a website — but when we do, it’s most often because the website was exhibiting malware-like behavior and…

Labs Note

December 10, 2020 | Krasimir Konov

Malware Dropper Takes Advantage of COVID-19 Pandemic

Since April, our team has been tracking the spread of a PHP malware dropper. It’s impacting unsuspecting victims who thought they were downloading a mapping software to monitor the spread…

Labs Note

November 4, 2020 | Krasimir Konov

Legacy Mauthtoken Malware Continues to Redirect Mobile Users

During malware analysis, we regularly find variations of this injected script on various compromised websites: . The variable “_0x446d” assigns hex encoded strings in different positions in the array. If…

Labs Note

October 6, 2020 | Krasimir Konov

Backdoor Shell Dropper Deploys CMS-Specific Malware

A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized access to the site and execute whatever commands they want….

Labs Note

September 29, 2020 | Krasimir Konov

Malicious Pop-up Redirects Baidu Traffic

Malicious pop-ups and redirects have become two extremely common techniques used by attackers to drive traffic wherever they want. During a recent investigation, we came across an obfuscated pop-up…

© 2023 Sucuri Inc. All rights reserved