• Skip to primary navigation
  • Skip to content
  • Skip to primary sidebar
  • Skip to footer

Sucuri Blog

Website Security News

  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Enterprise Website Security
    • Multisite Solutions
  • Features
    • Detection
    • Protection
    • Performance
    • Response
    • Backups
  • Partners
    • Agency Solutions
    • Partners
    • Referral Program
    • Ecommerce
  • Resources
    • Guides
    • Webinars
    • Infographics
    • SiteCheck
    • Reports
    • Email Courses
  • Immediate Help
  • Login

Website Backdoor

January 7, 2021Luke Leal

Evaluating Cookies to Hide Backdoors

Identifying website backdoors is not always an easy task. Since a backdoors primary function is to conceal itself while providing unauthorized access, they are often developed using a variety of techniques that can make it challenging to detect. For example, an attacker can inject a…

Read More about Evaluating Cookies to Hide Backdoors

Lightbox Adware - From Innocent Scripts to Malicious Redirects

December 15, 2020Cesar Anjos

Why You Should Monitor Your Website

In an effort to maintain unauthorized access or profit off a website’s environment long after an initial compromise, attackers commonly leverage a variety of different techniques and tactics. These techniques…

Read More about Why You Should Monitor Your Website

Labs Note

December 8, 2020Douglas Santos

Fake WordPress Functions Conceal assert() Backdoor

A few weeks ago, I was manually inspecting some files on a compromised website. While checking on a specific WooCommerce file, I noticed something interesting. Among 246 other lines, this…

Read More about Fake WordPress Functions Conceal assert() Backdoor

Labs Note

December 4, 2020Luke Leal

Obfuscation Techniques in MARIJUANA Shell “Bypass”

Attackers are always trying to come up with new ways to evade detection from the wide range of security controls available for web applications. This also extends to malware like…

Read More about Obfuscation Techniques in MARIJUANA Shell “Bypass”

Labs Note

December 1, 2020Luke Leal

“Free” Symchanger Malware Tricks Users Into Installing Backdoor

In a previous post, I discussed how attackers can trick website owners into installing malware onto a website — granting the attacker the same unauthorized access as if they had…

Read More about “Free” Symchanger Malware Tricks Users Into Installing Backdoor

Uncommon Radixes Obfuscation

November 9, 2020Luke Leal

Code Comments Reveal SCP-173 Malware

We sometimes find malware code injections that contain strange code comments, which are normally used by programmers to annotate a section of code — for example, a short description of…

Read More about Code Comments Reveal SCP-173 Malware

P.A.S. Fork v. 1.0 - a web shell revival

October 26, 2020Luke Leal

P.A.S. Fork v. 1.0 — A Web Shell Revival

A PHP shell containing multiple functions can easily consist of thousands of lines of code, so it’s no surprise that attackers often reuse the code from some of the most…

Read More about P.A.S. Fork v. 1.0 — A Web Shell Revival

Labs Note

October 6, 2020Krasimir Konov

Backdoor Shell Dropper Deploys CMS-Specific Malware

A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized access to the site and execute whatever commands they want….

Read More about Backdoor Shell Dropper Deploys CMS-Specific Malware

Labs Note

September 28, 2020Luke Leal

Backdoor Obfuscation: tempnam & URL Encoding

In an attempt to avoid detection, attackers and malware authors are always experimenting with different methods to obfuscate their malicious code. During a recent investigation, we came across an interesting…

Read More about Backdoor Obfuscation: tempnam & URL Encoding

W97M/Downloader Malware Dropper Served from Compromised Websites

September 18, 2020Luke Leal

The Hidden PHP Malware that Reinfects Cleaned Files

Website reinfections are a serious problem for website owners, and it can often be difficult to determine the cause behind the reinfection — especially if you lack access to necessary…

Read More about The Hidden PHP Malware that Reinfects Cleaned Files

Labs Note

September 1, 2020Krasimir Konov

Using assert() to Execute Malware in PHP 7 Environments

Initially released December 2015, PHP 7 introduced a multitude of performance and security improvements. Approximately 43.7% of websites across the web currently use PHP 7.x, making it an incredibly popular…

Read More about Using assert() to Execute Malware in PHP 7 Environments

Primary Sidebar

Socialize With Sucuri

We're actively engaged across multiple platforms. Follow us and let's connect!

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • RSS Feed

Join Over 20,000 Subscribers!

Footer

Products

  • Website Firewall
  • Website AntiVirus
  • Website Backups
  • WordPress Security
  • Enterprise Services

Solutions

  • DDos Protection
  • Malware Detection
  • Malware Removal
  • Malware Prevention
  • Blacklist Removal

Support

  • Blog
  • Knowledge Base
  • SiteCheck
  • Research Labs
  • FAQ

Company

  • About
  • Media
  • Events
  • Employment
  • Contact
  • Testimonials
  • Facebook
  • Twitter
  • LinkedIn
  • Instagram

Customer Login

Sucuri Home

  • Terms of Use
  • Privacy Policy
  • Frequently Asked Questions

© 2021 Sucuri Inc. All rights reserved

Sucuri Cookie Policy
See our policy>>

Our website uses cookies, which help us to improve our site and enables us to deliver the best possible service and customer experience.