Luke Leal

121 posts

Luke Leal is a member of the Malware Research team and joined the company in 2015. Luke's main responsibilities include threat research and malware analysis, which is used to improve our tools. His professional experience covers over eight years of deobfuscating malware code and using unique data from it to help in correlating patterns. When he’s not researching infosec issues or working on websites, you might find Luke traveling and learning about new things. Connect with him on Twitter.

Magento Skimmer Found Loading from magecart[.]net

Luke Leal
January 16, 2020

We recently came across a simple Magento credit card skimmer found on a compromised website that was loading from the malicious domain magecart[.]net. The malicious…

Read the Post

Clean Logs After Rooting Bash Script

Luke Leal
January 15, 2020

During an active research investigation, we found an interesting bash script described by the author as Clean Logs After Rooting. This script is used once…

Read the Post

WordPress Mass Password Changer

Luke Leal
January 14, 2020

Our team recently came across a password changer for WordPress that allows attackers to modify WordPress user passwords within a compromised environment. By default, the…

Read the Post

How Websites Are Used to Spread Emotet Malware

Luke Leal
December 18, 2019

In past posts, we’ve discussed the more popular reasons why hackers target smaller websites. Today, we’ll focus instead on how hackers use compromised websites to…

Read the Post

Another Fake Google Domain: fonts.googlesapi.com

Luke Leal
December 2, 2019

Our Remediation team lead Ben Martin recently found a fake Google domain that is pretty convincing to the naked eye. The malicious domain was abusing…

Read the Post

Black Friday/Cyber Monday Ecommerce Security Threats

Luke Leal
November 25, 2019

With the end of November comes the height of the holiday shopping season — specifically Black Friday and Cyber Monday sales, which typically span the…

Read the Post

Why Reinfections Happen with a WAF

Luke Leal
November 11, 2019

A web application firewall (WAF) is a great way to detect and filter incoming malicious requests before they can exploit website vulnerabilities and security flaws.…

Read the Post

Desperate scammers

Luke Leal
October 30, 2019

In an ideal scenario, when a scam website is found by a blacklist authority, it’s flagged as malicious and eventually taken down by the domain…

Read the Post

Online Credit Card Theft - A Brief Overview of Online Fraud and Abuse

Fake French Police Sextortion Scam

Luke Leal
October 28, 2019

There has been a noted increase in the number of sextortion scams during 2019. These scam campaigns are commonly distributed through email, but any method…

Read the Post

Throwback Threat Thursday: JCE Vulnerability

Luke Leal
October 24, 2019

Throwback Threat Thursday is a series of posts where we recall older vulnerabilities that have since been patched by their developers. In the past, these…

Read the Post

An Indirect Way to Change cPanel Passwords

Luke Leal
October 8, 2019

There’s no doubt that the ubiquitous “forgot your password?” feature has helped many users who’ve misplaced their password or otherwise forgotten it, however—the tradeoff is…

Read the Post