Krasimir Konov

66 posts

Krasimir Konov is Sucuri's Malware Analyst who joined the company in 2014. Krasimir's main responsibilities include analyzing malicious code, signature creation and documentation of malware. His professional experience covers more than 10 years in the IT field, with nine years involved in IT/cyber security. When he’s not analyzing malware or writing Labs notes, you might find Krasimir riding his motorcycle and traveling the world. Connect with him on Twitter or LinkedIn.

Malicious Curl Downloader

Krasimir Konov
June 2, 2020

If you want to easily download and save remote files, curl is an excellent command-line tool for Windows and Unix. It supports HTTP, HTTPS, and…

Read the Post

WordPress Admin Login Stealer

Krasimir Konov
April 27, 2020

During an investigation, we identified a WordPress login stealer using the PHP functions curl and file_get_contents. The malicious code was injected into the core file…

Read the Post

Fake M-Shield WordPress Plugin

Krasimir Konov
April 21, 2020

During a recent malware investigation, we found a fake WordPress plugin called M-Shield. We also found almost an identical plugin under the name kingof, with…

Read the Post

How to Protect Personally Identifiable Information (PII) from Search Engines

Krasimir Konov
March 30, 2020

In today’s internet age we take our privacy for granted. We sign up for many services which are “free.” We participate in giveaways and generally…

Read the Post

Phishing and Malware via SMS Text Message

Krasimir Konov
March 6, 2020

We’ve recently noticed an increase in reports of phishing and malware being distributed via SMS text messages. During one investigation, we identified fake messages sent…

Read the Post

Malicious Android Application Used in Phishing Scam

Krasimir Konov
November 13, 2019

While we deal with a lot of phishing cases, we rarely see mobile applications used as part of a phishing campaign—these apps add a layer…

Read the Post

Cryptominers & Backdoors Found in Fake Plugins

Krasimir Konov
October 16, 2019

When cleaning websites, we regularly find phishing pages, malicious code injected into files, and SEO spam. However, over the past couple of months we’ve also…

Read the Post

Malicious Plugin Used to Encrypt WordPress Posts

Krasimir Konov
August 5, 2019

During a recent cleanup, we found an interesting malicious WordPress plugin, “WP Security”, that was being used to encrypt blog post content. The website owner…

Read the Post

EE wireless provider phishing malware

Krasimir Konov
August 1, 2019

A large number of phishing targets include popular services such as banks, payment providers, and email services. In this type of attack, fraudsters create fake…

Read the Post

Self-destruct malware

Krasimir Konov
July 31, 2019

The majority of malware we find on compromised websites have been planted by bad actors with the intention of concealing and accessing backdoor access. During…

Read the Post

web.config Redirect Malware

Krasimir Konov
June 26, 2019

We recently found this malware on a windows hosting server where the web.config file was modified with the following code. The code redirects multiple user…

Read the Post