B374k Web Shell Packer
Luke Leal PHP web shells are a type of backdoor which, when left on compromised websites, allow attackers to maintain unauthorized access after initial compromise. To further…
Browsing Tag
Malware Dropper
6 posts
Fake M-Shield WordPress Plugin
Krasimir Konov During a recent malware investigation, we found a fake WordPress plugin called M-Shield. We also found almost an identical plugin under the name kingof, with…
PHP Dropper Concealed in Malicious WordPress Plugin
Moe Obaid – an analyst from our Remediation Team – recently found a PHP dropper that had been installed as a malicious WordPress plugin. Unlike…
Self-destruct malware
The majority of malware we find on compromised websites have been planted by bad actors with the intention of concealing and accessing backdoor access. During…
Fake Font Dropper
Moe O A website owner reached out to us to investigate a weird behavior on their site. It was randomly showing a popup window for a missing…
The elegant dropper – reusable code for PHP shell installation
Yuliyan Tsvetkov During our malware research role, we analyze hundreds (if not thousands) of malware samples every day. Quite often, highly-obfuscated techniques are used by attackers to…