Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
  • Immediate Help
Login
Login

New Customer?

Sign up now.
  • Submit a ticket
  • Knowledge base
  • Chat now

Luke Leal

121 posts
Luke Leal is a member of the Malware Research team and joined the company in 2015. Luke's main responsibilities include threat research and malware analysis, which is used to improve our tools. His professional experience covers over eight years of deobfuscating malware code and using unique data from it to help in correlating patterns. When he’s not researching infosec issues or working on websites, you might find Luke traveling and learning about new things. Connect with him on Twitter.
Labs Note
  • Security Education
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

Obfuscation Techniques in MARIJUANA Shell “Bypass”

  • Luke Leal
  • December 4, 2020
Attackers are always trying to come up with new ways to evade detection from the wide range of security controls available for web applications. This…
Read the Post
Labs Note
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

“Free” Symchanger Malware Tricks Users Into Installing Backdoor

  • Luke Leal
  • December 1, 2020
In a previous post, I discussed how attackers can trick website owners into installing malware onto a website — granting the attacker the same unauthorized…
Read the Post
Labs Note
  • Sucuri Labs
  • Website Security
  • WordPress Security

Hackers Love Expired Domains

  • Luke Leal
  • November 26, 2020
Sometimes, website owners no longer want to own a domain name and they allow it to expire without attempting to renew it. This happens all…
Read the Post
Labs Note
  • Sucuri Labs
  • Website Security
  • WordPress Security

Hidden SEO Spam Link Injections on WordPress Sites

  • Luke Leal
  • November 23, 2020
Often when a website is injected with SEO spam, the owner is completely unaware of the issue until they begin to receive warnings from search…
Read the Post
Labs Note
  • Ecommerce Security
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

PrestaShop SuperAdmin Injector and Login Stealer

  • Luke Leal
  • November 18, 2020
According to W3Tech’s data, PrestaShop is among the most popular CMS choices for existing ecommerce websites, so it should come as no surprise that malware…
Read the Post
Uncommon Radixes Obfuscation
  • Sucuri Labs
  • Website Malware Infections
  • Website Security
  • WordPress Security

Code Comments Reveal SCP 173 Malware

  • Luke Leal
  • November 9, 2020
We sometimes find malware code injections that contain strange code comments, which are normally used by programmers to annotate a section of code — for…
Read the Post
Return to the City of Cron - Malware Infections on Joomla and WordPress
  • Security Education
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

ALFA TEaM Shell ~ v4.1-Tesla: A Feature Update Analysis

  • Luke Leal
  • November 5, 2020
We’ve seen a wider variety of PHP web shells being used by attackers this year —  including a number of shells that have been significantly…
Read the Post
PHP repository exploited by hackers
  • Security Education
  • Sucuri Labs
  • Website Malware Infections
  • Website Security

P.A.S. Fork v. 1.0 — A Web Shell Revival

  • Luke Leal
  • October 26, 2020
A PHP web shell containing multiple functions can easily consist of thousands of lines of code, so it’s no surprise that attackers often reuse the…
Read the Post
WordPress Redirect Hack via Test0.com/Default7.com
  • Sucuri Labs
  • Website Malware Infections
  • Website Security
  • WordPress Security

R_Evil WordPress Hacktool & Malicious JavaScript Injections

  • Luke Leal
  • October 22, 2020
We often see hackers reusing the same malware, with only a few new adjustments to obfuscate the code so that it is more difficult for…
Read the Post
Labs Note
  • Ecommerce Security
  • Magento Security
  • Website Security

Magento Phishing Leverages JavaScript For Exfiltration

  • Luke Leal
  • October 14, 2020
During a recent investigation, a Magento admin login phishing page was found on a compromised website using the file name wp-order.php. This is an odd…
Read the Post
Labs Note
  • Sucuri
  • Sucuri Labs
  • Website Security

Redirects to YouTube Defacement Channel

  • Luke Leal
  • October 13, 2020
During a recent investigation, we found an infected website was redirecting to YouTube after its main index.php file had been modified to include the following…
Read the Post
Search
Sucuri Sidebar Malware Removal to Signup Page
Sucuri Logo

Let’s Connect

Products
Website Firewall Website Security Platform WordPress Security Website Backups Hack Assistance Pricing
Solutions
DDoS Protection Malware Detection Malware Removal Malware Prevention Blacklist Removal SEO Spam Removal
USE CASES
Developers Ecommerce Agency Plans Enterprise Services HTTPS/2 Virtual Patching
Support
Knowledge Base SiteCheck Guides Research Labs Report Abuse Status Report
Company
About Sucuri Contact Blog Referral Partners Testimonials
Terms of Use Privacy Policy Do Not Sell My Personal Information Frequently Asked Questions

© 2025 GoDaddy Mediatemple, Inc., d/b/a Sucuri. All rights reserved.

back to top

'