Rodrigo Escobar

About Rodrigo Escobar

Rodrigo Escobar is Sucuri's Sr. Malware Research Manager who joined the company in 2012. Rodrigo's main responsibilities include the coordination of malware analysts and research groups, and deployment of effective remediation solutions. His professional experience covers more than eight years in website remediation and malware analysis. When Rodrigo isn't investigating cyber threats and looking for solutions to prevent them, you might find him at the computer, reading assembly and learning new skills. Connect with him on LinkedIn.

August 15, 2017Rodrigo Escobar

Decoding Complex Malware – Step-by-Step

When cleaning websites, one of the most complicated parts of our job is ensuring we find all backdoors. Most of the time, attackers inject code into different locations to increase the chances of reinfecting the site and maintaining access for as long as possible. Our…

February 17, 2017Rodrigo Escobar

WordPress Security – Fake TrafficAnalytics Website Infection

Several months ago, our research team identified a fake analytics infection, known as RealStatistics. The malicious Javascript injection looks a lot like tracking code for a legitimate analytics service. RealStatistics…

February 2, 2017Rodrigo Escobar

RealStatistics Goes TrafficAnalytics

In the last few months, our Incident Response Team detected an interesting malicious code that affected a high number of websites. This malware is a variation of the “Realstatistics” campaign…

December 1, 2016Rodrigo Escobar

Exploited Script in WordPress Theme Sends Spam

Update 11/03/2017: If you want to learn how to secure WordPress, you can read all about it in our new guide. As WordPress continues to grow in popularity, so does…

October 31, 2016Rodrigo Escobar

WordPress Theme Mailing Script being exploited in the wild

A few weeks ago, we posted a lab notes describing a good theme file being exploited by attackers to send mass-mailing SPAM (http://labs.sucuri.net/?note=2016/08/15 0:00). Upon further investigation, we identified that…

August 15, 2016Rodrigo Escobar

Mass Mailing SPAM From a Good File

We often find code that is developed with good intent but the security aspects of it are not always taken into consideration. During a routine cleanup investigation we found a…

May 16, 2016Rodrigo Escobar

Secure Coding: How to Account for Input Sanitization

On average, a website leverages around 18-20 different plugins in its structure. These plugins enhance the website’s functionality and in some instances extend the applications core capabilities. It’s great for…

November 11, 2015Rodrigo Escobar

Helpscout Blacklisted by Norton

Early this morning we got complaints from our clients mentioning that Norton was flagging Helpscout, a Help Desk System. Some of the pages were triggering this warning Upon a quick…

February 26, 2015Rodrigo Escobar

Malware Cleanup to Arbitrary File Upload in Gravity Forms

During our regular cleanup process we came across a reinfection case that caught our attention. This particular environment didn’t have anything special or fancy, it was an updated WordPress installation…

August 9, 2013Rodrigo Escobar

Open Source Backdoor – Copyrighted Under GNU GPL

Malware code can be very small, and the impact can be very severe! In our daily tasks we find a lot of web-based malware that varies in size and impact….

July 31, 2013Rodrigo Escobar

HideMeBetter – SPAM injection Variant

Compromised sites being injected with SPAM SEO is something we deal very often. A few months ago we wrote about a wave of SPAM injections known as HideMe. However, the…