Luke Leal

121 posts

Luke Leal is a member of the Malware Research team and joined the company in 2015. Luke's main responsibilities include threat research and malware analysis, which is used to improve our tools. His professional experience covers over eight years of deobfuscating malware code and using unique data from it to help in correlating patterns. When he’s not researching infosec issues or working on websites, you might find Luke traveling and learning about new things. Connect with him on Twitter.

How Some OTP Systems Can Be Used to Prank Spam

Luke Leal
July 25, 2018

I recently came across an interesting index.php file and its corresponding directory on a compromised website. I loaded it in a testing environment and immediately…

Read the Post

Hackers Are Just as Vulnerable as You

Luke Leal
June 15, 2018

I came across some interesting defacement pages recently and noticed a peculiar JavaScript injection included within each source code of the defaced websites. As shown…

Read the Post

An Old Trick with a New Twist: Cryptomining Through Disguised URL Shorteners

Luke Leal
May 22, 2018

As we have previously discussed on this blog, surreptitious cryptomining continues to be a problem as new methods emerge to both evade and hasten the…

Read the Post

IPv6 address in malicious Javascript redirect

Luke Leal
November 29, 2017

We recently came across a file that shows an interesting case with a Javascript malicious code injection in a website’s custom script file, though it’s…

Read the Post

Checking blacklisted domains or IP for spamming

Luke Leal
February 8, 2017

Often times we will encounter websites that have been injected with a redirect and these can vary from blackhat SEO tactics for boosting domain rankings…

Read the Post

Search and Backdoor

Luke Leal
January 18, 2017

The ubiquity of “unlimited” shared hosting platforms has incentivized malware in trying to infect as many adjacent website directories as it can to increase its…

Read the Post

Camouflage does not have to be advanced to be effective

Luke Leal
January 12, 2017

Often times a malware author will try to provide some type of camouflage to their malware’s coding in an effort to disguise an unsuspecting eye…

Read the Post

Sucuri Labs

Not that impressive hack tool

Luke Leal
December 27, 2016

There is often a misconception regarding the tools that attackers implement in their malicious activity, and that misconception is that they must be using advanced…

Read the Post

Security Education

Ask Sucuri: Can Your cPanel Page Be Maliciously Redirected?

Luke Leal
November 29, 2016

Many webmasters may not be aware that hackers are able to maliciously redirect cPanel pages. The specific tactic we describe in this article is unique.…

Read the Post