Luke Leal

121 posts

Luke Leal is a member of the Malware Research team and joined the company in 2015. Luke's main responsibilities include threat research and malware analysis, which is used to improve our tools. His professional experience covers over eight years of deobfuscating malware code and using unique data from it to help in correlating patterns. When he’s not researching infosec issues or working on websites, you might find Luke traveling and learning about new things. Connect with him on Twitter.

Tips for WP-CONFIG to avoid sensitive data exposure

How to Harden WordPress With WP-Config & Avoid Data Exposure

Luke Leal
July 3, 2023

What is wp-config.php? The wp-config.php file is a powerful core WordPress file that is vital for running your website. It contains important configuration settings for…

Fake Instagram Verification & Twitter Badge Phishing

Luke Leal
August 9, 2022

Social media platforms like Instagram and Twitter offer verification badges as a credibility indicator to help show authenticity and integrity to visitors. To obtain a…

Credit Card Stealer Targets PsiGate Payment Gateway Software

Luke Leal
May 24, 2022

Magento’s payment provider gateway offers functionalities for site owners to integrate stores with payment service providers. This handy feature lets a website create and handle…

Magento 2 PHP Skimmer Saves To Image File

Magento 2 PHP Credit Card Skimmer Saves to JPG

Luke Leal
March 10, 2021

Bad actors often leverage creative techniques to conceal malicious behaviour and harvest sensitive information from ecommerce websites. A recent investigation for a compromised Magento 2…

Trojan Spyware and BEC Attacks

Luke Leal
March 3, 2021

When it comes to an organization’s security, business email compromise (BEC) attacks are a big problem. One primary reason impacts are so significant is that…

SQL Triggers in Website Backdoors

Luke Leal
February 25, 2021

Over the past year, there’s been an increasing trend of WordPress malware using SQL triggers to hide malicious SQL queries within compromised databases. These queries…

Phishing & Malspam with Leaf PHPMailer

Luke Leal
January 26, 2021

It’s common knowledge that attackers often use email as a delivery mechanism for their malicious activity — which can range from enticing victims to click…

Magento PHP Injection Loads JavaScript Skimmer

Luke Leal
January 21, 2021

A Magento website owner was concerned about malware and reached out to our team for assistance. Upon investigation, we found the website contained a PHP…

Real-Time Phishing Kit Targets Brazilian Central Bank

Luke Leal
January 14, 2021

We recently found an interesting phishing kit on a compromised website that has QR code capabilities, along with the ability to control the phishing page…

Obfuscation Techniques in Ransomweb “Ransomware”

Luke Leal
January 12, 2021

As vital assets for many business operations, websites and their hosting servers are often the target of ransomware attacks — and if they get taken…

Evaluating Cookies to Hide Backdoors

Luke Leal
January 7, 2021

Identifying website backdoors is not always an easy task. Since a backdoors primary function is to conceal itself while providing unauthorized access, they are often…