GFX Xsender Hack Tool: A Spam Mailer
Luke Leal PHP hack tools are created and used by attackers to help automate frequent or tedious tasks. During a recent investigation, we came across a hack…
Browsing Category
Website Malware Infections
840 posts
Backdoor Obfuscation: tempnam & URL Encoding
In an attempt to avoid detection, attackers and malware authors are always experimenting with different methods to obfuscate their malicious code. During a recent investigation,…
Malicious One-Liner Using Hastebin
Krasimir Konov Short scripts that deliver malware to a website are nothing new, but during a recent investigation we found a script using hastebin[.]com, which is a…
The Hidden PHP Malware that Reinfects Cleaned Files
Website reinfections are a serious problem for website owners, and it can often be difficult to determine the cause behind the reinfection — especially if…
phpbash – A Terminal Emulator Web Shell
It’s common for hackers to utilize post-compromise tools that contain a graphical user interface (GUI) that can be loaded in the web browser. A GUI…
WordPress Malware Disables Security Plugins to Avoid Detection
An alarm or monitoring system is a great tool that can be used to improve the security of a home or website, but what if…
Using assert() to Execute Malware in PHP 7 Environments
Initially released December 2015, PHP 7 introduced a multitude of performance and security improvements. Approximately 43.7% of websites across the web currently use PHP 7.x,…
COVID-19 Chloroquine Pharmaspam
A recent SiteCheck scan of an organization’s website showed an interesting pharmacy spam injection targeting COVID-19-related pages of websites. The HTML that was flagged by…
CDN-Filestore Credit Card Stealer for Magento
During a website remediation, we recently discovered a new version of a Magento credit card stealer which sends all compromised data to the malicious domain…
Smoker Backdoor: Evasion Techniques in Webshell Backdoors
“Smoker Backdoor” is a PHP webshell backdoor that uses hexadecimal and decimal obfuscation in conjunction with the PHP function goto to evade detection from malware…
String Concatenation: Obfuscation Techniques
While string concatenation has many valuable applications in development — such as making code more efficient or functions more effective — it is also a…