Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
  • Immediate Help
Login
Login

New Customer?

Sign up now.
  • Submit a ticket
  • Knowledge base
  • Chat now

Luke Leal

121 posts
Luke Leal is a member of the Malware Research team and joined the company in 2015. Luke's main responsibilities include threat research and malware analysis, which is used to improve our tools. His professional experience covers over eight years of deobfuscating malware code and using unique data from it to help in correlating patterns. When he’s not researching infosec issues or working on websites, you might find Luke traveling and learning about new things. Connect with him on Twitter.
Tips for WP-CONFIG to avoid sensitive data exposure
  • Security Education
  • Website Security
  • WordPress Security

How to Harden WordPress With WP-Config & Avoid Data Exposure

  • Luke Leal
  • July 3, 2023
What is wp-config.php? The wp-config.php file is a powerful core WordPress file that is vital for running your website. It contains important configuration settings for…
Read the Post
Instagram Verification & Twitter Badge Phishing
  • Security Education
  • Website Security

Fake Instagram Verification & Twitter Badge Phishing

  • Luke Leal
  • August 9, 2022
Social media platforms like Instagram and Twitter offer verification badges as a credibility indicator to help show authenticity and integrity to visitors. To obtain a…
Read the Post
Credit Card Stealer Targets PSiGate Payment Gateway Software
  • Ecommerce Security
  • Magento Security
  • Website Malware Infections
  • Website Security

Credit Card Stealer Targets PsiGate Payment Gateway Software

  • Luke Leal
  • May 24, 2022
Magento’s payment provider gateway offers functionalities for site owners to integrate stores with payment service providers. This handy feature lets a website create and handle…
Read the Post
Magento 2 PHP Skimmer Saves To Image File
  • Ecommerce Security
  • Magento Security
  • Website Malware Infections
  • Website Security

Magento 2 PHP Credit Card Skimmer Saves to JPG

  • Luke Leal
  • March 10, 2021
Bad actors often leverage creative techniques to conceal malicious behaviour and harvest sensitive information from ecommerce websites. A recent investigation for a compromised Magento 2…
Read the Post
Trojan Spyware and BEC Attacks
  • Security Education
  • Sucuri Labs
  • Website Security

Trojan Spyware and BEC Attacks

  • Luke Leal
  • March 3, 2021
When it comes to an organization’s security, business email compromise (BEC) attacks are a big problem. One primary reason impacts are so significant is that…
Read the Post
Backdoor SQL Trigger
  • Sucuri Labs
  • Website Security
  • WordPress Security

SQL Triggers in Website Backdoors

  • Luke Leal
  • February 25, 2021
Over the past year, there’s been an increasing trend of WordPress malware using SQL triggers to hide malicious SQL queries within hacked databases. These queries…
Read the Post
Phishing Campaign
  • Security Education
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

Phishing & Malspam with Leaf PHPMailer

  • Luke Leal
  • January 26, 2021
It’s common knowledge that attackers often use email as a delivery mechanism for their malicious activity — which can range from enticing victims to click…
Read the Post
Labs Note
  • Ecommerce Security
  • Sucuri
  • Sucuri Labs
  • Website Security

Magento PHP Injection Loads JavaScript Skimmer

  • Luke Leal
  • January 21, 2021
A Magento website owner was concerned about malware and reached out to our team for assistance. Upon investigation, we found the website contained a PHP…
Read the Post
Phishing Campaign
  • Ecommerce Security
  • Security Education
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

Real-Time Phishing Kit Targets Brazilian Central Bank

  • Luke Leal
  • January 14, 2021
We recently found an interesting phishing kit on a compromised website that has QR code capabilities, along with the ability to control the phishing page…
Read the Post
Troldesh Ransomware Dropper
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

Obfuscation Techniques in Ransomweb “Ransomware”

  • Luke Leal
  • January 12, 2021
As vital assets for many business operations, websites and their hosting servers are often the target of ransomware attacks — and if they get taken…
Read the Post
  • Security Education
  • Sucuri Labs
  • Website Malware Infections
  • Website Security
  • WordPress Security

Evaluating Cookies to Hide Backdoors

  • Luke Leal
  • January 7, 2021
Identifying website backdoors is not always an easy task. Since a backdoors primary function is to conceal itself while providing unauthorized access, they are often…
Read the Post
Search
Sucuri Sidebar Malware Removal to Signup Page
Sucuri Logo

Let’s Connect

Products
Website Firewall Website Security Platform WordPress Security Website Backups Hack Assistance Pricing
Solutions
DDoS Protection Malware Detection Malware Removal Malware Prevention Blacklist Removal SEO Spam Removal
USE CASES
Developers Ecommerce Agency Plans Enterprise Services HTTPS/2 Virtual Patching
Support
Knowledge Base SiteCheck Guides Research Labs Report Abuse Status Report
Company
About Sucuri Contact Blog Referral Partners Testimonials
Terms of Use Privacy Policy Do Not Sell My Personal Information Frequently Asked Questions

© 2025 GoDaddy Mediatemple, Inc., d/b/a Sucuri. All rights reserved.

back to top

'