Malicious Backdoor Hidden Inside Fake Image
Samuel Odendaal During an incident response investigation, we detected an interesting backdoor that was hidden in a fake image. The attacker was quite creative in creating an…
Browsing Category
Website Malware Infections
839 posts
Protecting Phishing Pages via .htaccess
Yuliyan Tsvetkov Phishers usually want to protect their pages from being detected by search engines and security companies. To achieve that, they add .htaccess files that deny…
A Simple Prestashop Login Swiper
Conrado Torquato In a compromised environment, attackers may inject malicious code into different files, including the core of different CMSs, in order to maintain access to the…
Phishing the Right Phish
Fernando Barbosa Social engineering techniques, like phishing, can be powerful in persuading users into performing specific actions or disclosing confidential information. In these types of scenarios, attackers…
Yet Another Expired Domain causes WP Plugin to Redirect Users
Krasimir Konov Malicious redirects are very common in compromised websites. Attackers try to take advantage of the site resources to promote spam, distribute other malware/backdoors, and perform…
When Your Plugins Turn Against You
Cesar Anjos Every day we face countless cases of sites getting compromised and infected by an attacker. From there, the sites can be used for various operations…
Undesired Redirects
Whether it is your own or a website you are visiting, undesired redirects and pop-ups are always annoying. The situation gets worse when your visitors…
How Undefined Variables Can Give You RCE
When investigating a compromised website, our team has to make sure that all malware and backdoors are cleared from the environment. In some instances, these…
The elegant dropper – reusable code for PHP shell installation
During our malware research role, we analyze hundreds (if not thousands) of malware samples every day. Quite often, highly-obfuscated techniques are used by attackers to…
Simple $_COOKIE backdoor (variation)
There are many ways to develop a backdoor and virtually all of them share a similar goal – not to be discovered. To achieve that,…
Tricky malvertising injections
Abdelli Nassereddine When a website is compromised, one of the most interesting and challenging tasks we perform is identifying all malware to prevent attackers from regaining access…