Small One-liner Backdoor
Samuel Odendaal During an incident response investigation, we detected an interesting backdoor that was small but had the potential to give the attacker full access to your…
Browsing Category
Sucuri Labs
336 posts
JavaScript Used to Generate Malicious Documents
Krasimir Konov When talking about compromised environments, we often think that the website itself is the end goal but that’s not always true. In some cases, attackers…
Mobile Malware Targets eCommerce Websites & Users
Moe O A mobile malware is a malicious software that targets mobile/smartphones, tablets and similar devices. The attacks may vary from fatal damage to the OS (bricking)…
PHP Script Nukes All Website Files
Ben Martin Most malware and spam that we come across has some sort of discernable purpose to it, usually something which benefits the attackers financially. This is…
Malicious Backdoor Hidden Inside Fake Image
During an incident response investigation, we detected an interesting backdoor that was hidden in a fake image. The attacker was quite creative in creating an…
Protecting Phishing Pages via .htaccess
Yuliyan Tsvetkov Phishers usually want to protect their pages from being detected by search engines and security companies. To achieve that, they add .htaccess files that deny…
A Simple Prestashop Login Swiper
Conrado Torquato In a compromised environment, attackers may inject malicious code into different files, including the core of different CMSs, in order to maintain access to the…
Phishing the Right Phish
Fernando Barbosa Social engineering techniques, like phishing, can be powerful in persuading users into performing specific actions or disclosing confidential information. In these types of scenarios, attackers…
Yet Another Expired Domain causes WP Plugin to Redirect Users
Malicious redirects are very common in compromised websites. Attackers try to take advantage of the site resources to promote spam, distribute other malware/backdoors, and perform…
Undesired Redirects
Cesar Anjos Whether it is your own or a website you are visiting, undesired redirects and pop-ups are always annoying. The situation gets worse when your visitors…
How Undefined Variables Can Give You RCE
When investigating a compromised website, our team has to make sure that all malware and backdoors are cleared from the environment. In some instances, these…