Peter Gramantik

27 posts

Peter Gramantik is Sucuri’s Sr. Malware Researcher who joined the company in 2013. Peter’s main responsibilities include crafting signatures for new malware, and improving existing and researching new detection techniques. His professional experience covers 15 years of fighting malware. When Peter isn’t researching malware, you might find him doing technical and cave dives, riding his Harley Davidson, playing the guitar and singing in a band, or cooking BBQ for his family and friends. Connect with Peter on Twitter.

The Anatomy of Website Malware Part 2: Credit Card Stealers

Peter Gramantik
December 30, 2019

One of the biggest malicious trends in the last few months and years are credit card stealers — also commonly referred to as credit card…

Read the Post

The Anatomy of Website Malware: An Introduction

Peter Gramantik
February 7, 2019

We see a lot of files infected by website malware on a daily basis here at Sucuri Labs. What we don’t see is very many…

Read the Post

Fake Volkswagen Campaign Spreads Through Social Networks

Peter Gramantik
December 7, 2018

We recently investigated a suspicious link received by one of my colleagues on WhatsApp. The message (in Portuguese) states that Volkswagen is offering 20 free…

Read the Post

Outdated Duplicator Plugin RCE Abused

Peter Gramantik
September 14, 2018

We’re seeing an increase in the number of cases where attackers are disabling WordPress sites by removing or rewriting its wp-config.php file. These cases are all linked…

Read the Post

Persistent Malicious Redirect Variants

Peter Gramantik
July 16, 2018

It’s always nice to meet an old friend or someone you used to know well. You have news to share and talk about, stories to…

Read the Post

Obfuscation Through Legitimate Appearances

Peter Gramantik
April 4, 2018

Recently, I analyzed a malware sample provided by our analyst Edward C. Woelke and noticed that it had been placed in a core WordPress folder.…

Read the Post

x-wp-spam-shield-pro malicious fake plugin

WordPress Security

Fake Plugins, Fake Security

Peter Gramantik
September 28, 2017

Update: The plugin name is fake and has nothing to do with the well-known WP-SpamShield plugin in the official WordPress plugin repository. WordPress users are…

Read the Post

Sucuri Labs

Targeting mobile devices the easy way

Peter Gramantik
September 29, 2016

With the outburst of mobile-only malware, we’re seeing a lot of mobile-devices targeted campaigns in last years. There are lot of ways how to make…

Read the Post

Security Education

Ask Sucuri: How Modern Web Phishing Works

Peter Gramantik
August 30, 2016

Most of us have experienced some kind of phishing attempt in our online lives, and we have seen phishing grow in complexity. Usually, we notice…

Read the Post

Security Education

SEO Spam Technique Designed to Avoid Detection

Peter Gramantik
April 22, 2016

Ten years ago the internet looked very different than it does now. Today, web designers have more options and standards to make a website stand…

Read the Post

Return of the EXIF PHP Joomla Backdoor

Peter Gramantik
November 3, 2015

Our Remediation and Research teams are in constant communication and collaboration. It’s how we stay ahead of the latest threats, but it also presents an…

Read the Post