How to eval() without eval() in PHP
Peter Gramantik According to our daily malware analysis experience, we’ve noticed that the bad guys are using obfuscation more and more to hide what they are doing.…
How We Decoded Some Nasty Multi-Level Encoded Malware
Ante Kresic From time to time, we come up with interesting bits of malware that are just calling us to decode and learn more about them. This…
Phishing Emails to Install Malicious WordPress Plugins
Daniel Cid When all else fails, the bad guys can always rely on some basic social engineering tactics with a little hit of phishing!! Over the weekend,…
Stealing Credit Cards – A WordPress and vBulletin Hack
Tony Perez What better way to celebrate Thanksgiving than to share an interesting case that involves two of the most popular CMS applications out there – vBulletin…
WordPress password stealer
Following Fio’s recent post on the Joomla password stealer, here’s another beautiful example of password stealer. This time from WordPress environment. It’s easy to understand,…
Another Fake WordPress Plugin – And Yet Another SPAM Infection!
We clean hundreds and thousands of infected websites, a lot of the cleanups can be considered to be somewhat “routine”. If you follow our blog,…
The Story of Clip:rect – A Black Hat SEO Trick
Denis Sinegubko We regularly write about Black Hat SEO hacks here. Such hacks help hackers monetize their access to compromised sites by incorporating them into massive schemes…
Joomla password stealer
Fioravante Souza As we know, one of the main payloads of a successful attack is to maintain access to the compromised server for as long as possible.…
Understanding Google’s Blacklist – Cleaning Your Hacked Website and Removing From Blacklist
Today we found an interesting case where Google was blacklisting a client’s site but not sharing the reason why. The fact they were sharing very…
vBulletin.com Compromised
The vBulletin team recently announced that they suffered a compromise which allowed the attackers access to vbulletin.com servers and database. On their own words: We…
Case Study: Analyzing a WordPress Attack – Dissecting the webr00t cgi shell – Part I
November 1st started like any other day on the web. Billions of requests were being shot virtually between servers in safe and not so safe…