Sucuri Blog

Website Security News

Obfuscation

January 5, 2021 | Ben Martin

Bogus CSS Injection Leads to Stolen Credit Card Details

A client recently reported their customers were receiving antivirus warnings when trying to access and purchase products from a Magento ecommerce website. This is almost always a telltale sign that something is amiss, and so I began my investigation. Malware in Database Tables As is…

November 9, 2020 | Luke Leal

Code Comments Reveal SCP-173 Malware

We sometimes find malware code injections that contain strange code comments, which are normally used by programmers to annotate a section of code — for example, a short description of…

November 2, 2020 | Denis Sinegubko

CSS-JS Steganography in Fake Flash Player Update Malware

This summer, MalwareBytes researcher Jérôme Segura wrote an article about how criminals use image files (.ico) to hide JavaScript credit card stealers on compromised e-commerce sites. In a tweet, Affable…

October 26, 2020 | Luke Leal

P.A.S. Fork v. 1.0 — A Web Shell Revival

A PHP shell containing multiple functions can easily consist of thousands of lines of code, so it’s no surprise that attackers often reuse the code from some of the most…

September 29, 2020 | Krasimir Konov

Malicious Pop-up Redirects Baidu Traffic

Malicious pop-ups and redirects have become two extremely common techniques used by attackers to drive traffic wherever they want. During a recent investigation, we came across an obfuscated pop-up…

September 15, 2020 | Kaushal Bhavsar

Missing DMARC Records Lead to Phishing

Email will continue to be the dominant mode of digital communication for the foreseeable future. However, the email framework was not designed with security in mind. There still are security…

September 10, 2020 | Luke Leal

WordPress Malware Disables Security Plugins to Avoid Detection

An alarm or monitoring system is a great tool that can be used to improve the security of a home or website, but what if an attacker can easily disable…

September 1, 2020 | Krasimir Konov

Using assert() to Execute Malware in PHP 7 Environments

Initially released December 2015, PHP 7 introduced a multitude of performance and security improvements. Approximately 43.7% of websites across the web currently use PHP 7.x, making it an incredibly popular…

August 18, 2020 | Krasimir Konov

CDN-Filestore Credit Card Stealer for Magento

During a website remediation, we recently discovered a new version of a Magento credit card stealer which sends all compromised data to the malicious domain cdn-filestore[dot]com. My colleague Luke Leal…

August 14, 2020 | Luke Leal

Web Crawler & User Agent Blocking Techniques

This is a simple script that allows hackers to block specific crawlers based upon website requests from specific user-agents. This is useful when you don’t want certain traffic from being…

August 13, 2020 | Luke Leal

Smoker Backdoor: Evasion Techniques in Webshell Backdoors

“Smoker Backdoor” is a PHP webshell backdoor that uses hexadecimal and decimal obfuscation in conjunction with the PHP function goto to evade detection from malware scanners. The hexadecimal/decimal obfuscation is…
