Encryption

April 6, 2020Cesar Anjos

Analyzing & Decrypting L4NC34’s Simple Ransomware

We’re constantly seeing news about computers being infected by ransomware, but very little do we hear about it affecting websites. That being said, the impact can be serious if the affected website is the webmaster’s only source of income or a business relies entirely on…

January 28, 2020Rianna MacLeod

Hacked Website Threat Report – 2019

The threat landscape for website owners is constantly shifting on a regular basis — and it’s becoming increasingly more complex. As attackers continue to develop tools and find new vulnerabilities…

November 18, 2019Cesar Anjos

Down the Malware Rabbit Hole: Part II

In our last post in this series, we took a look at a code snippet that had been encoded in a very specific way — and hidden 91 layers deep….

November 14, 2019Peter Kankowski

Mixed Content Warnings in Google Chrome

Migrating your website to HTTPS may seem like a simple task. Get the TLS/SSL certificate, install it on your web server, and you’re done. The real pain for large projects,…

August 5, 2019Krasimir Konov

Malicious Plugin Used to Encrypt WordPress Posts

During a recent cleanup, we found an interesting malicious WordPress plugin, “WP Security”, that was being used to encrypt blog post content. The website owner complained of a newly installed…

May 29, 2019Luke Leal

PHP Backdoor Evaluates XOR Encrypted Requests

In the past, we’ve mentioned how the PHP XOR bitwise operator (represented by the caret ^) can be used to encrypt a malware’s source code. This operator makes it more…

February 5, 2019Alycia Mitchell

Safer Internet Day: Security vs. Convenience

It isn’t easy to be secure all the time — this is especially true if you are new to cybersecurity. A well-formed security plan takes deliberate effort at the very…

January 29, 2019Mohammed Obaid

Spam Injector Disguised as License Key in WordPress Website

Here at Sucuri, we clean WordPress websites every day. There are various types of common malware, but when we stumble upon a different scenario, our research team likes to dig…

October 25, 2018Gerson Ruiz

OWASP Top 10 Security Risks – Part II

It is National Cyber Security Awareness Month and in order to bring awareness to what threatens the integrity of websites, we have started a series of posts on the OWASP…

October 9, 2018Samuel Odendaal

Obfuscated JavaScript Cryptominer

During an incident response investigation, we detected an interesting piece of heavily obfuscated JavaScript malware. Once decoded, we found out that cryptominers were running on visitor’s computers when they accessed our…

August 28, 2018Gerson Ruiz

Core Integrity Verifications

In order to clean a malware infection, the first thing we need to know is which files have been compromised. At Sucuri, we use several techniques including whitelists, blacklists, and…