Matt Morrow

14 posts

Matt is a Cyber Security analyst who joined Sucuri in 2018. Matt has a long history of working with Linux and Windows servers in a wide context. At Sucuri, Matt's main responsibilities include identifying and removing malware from websites as well as researching emerging malware trends. When Matt isn't focusing his attention there, you will usually find him working on a new piece of music or out in his garden.

Malicious WordPress Plugin Creates Hidden Admin User Backdoor

Matt Morrow
June 20, 2025

I recently wrote about a case where a malicious plugin was used to steal admin credentials. Here we will examine yet another malicious plugin that…

Read the Post

Fake WordPress Caching Plugin Used to Steal Admin Credentials

Matt Morrow
June 4, 2025

A common trend we see is that bad actors will upload malicious plugins to WordPress sites. These plugins serve a wide variety of functions from…

Read the Post

When Good Software Goes Bad

Matt Morrow
April 17, 2025

Most often bad actors try their best to hide their activities by using obfuscated code or by uploading fake plugins or themes that inject simple…

Read the Post

When Spam Hides In Plain Sight

Matt Morrow
February 19, 2025

We recently worked on an interesting case where Casino spam was visible in the page source, but couldn’t be located in any of the usual…

Read the Post

Malware Steals Account Credentials

Matt Morrow
November 8, 2024

It’s common for malware to target e-commerce sites, and these attackers are usually seeking to steal credit card details. In most cases, they will insert…

Read the Post

Rogue Ads Redirect Visitors

Matt Morrow
October 31, 2024

Ads are everywhere. They generate revenue for site owners and can present related content to the website being visited. As detailed in previous articles, bad…

Read the Post

Attackers Abuse Swap File to Steal Credit Cards

Matt Morrow
July 19, 2024

When it comes to website security, sometimes the most innocuous features can become powerful tools in the hands of attackers. Such was the case in…

Read the Post

Credit Card Stealer Hidden in Fake Facebook Pixel Tracker

Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker

Matt Morrow
April 11, 2024

In recent months, we have encountered a number of cases where attackers inject malware into website software that allows for custom or miscellaneous code —…

Read the Post

How to Recognize & Avoid Phishing Emails: A Cautionary Tale

Matt Morrow
July 20, 2023

We’ve all received spam and phishing emails — our inboxes are often full of them. They let us know that our package is being delivered…

Read the Post

X-Cart Skimmer with DOM Based Obfuscation

PrestaShop Skimmer Concealed in One Page Checkout Module

Matt Morrow
July 19, 2022

PrestaShop is a popular freemium open source e-commerce platform used by hundreds of thousands of webmasters to sell products and services to website visitors. While…

Read the Post

It Takes 2 Seconds of Silence to Skim a Credit Card

Matt Morrow
June 7, 2022

E-commerce websites are valuable targets for attackers. Bad actors often leverage creative techniques to conceal their credit card stealers and gather sensitive credit card information…

Read the Post