New iFrame Injections Leverage PNG Image Metadata
We’re always trying to stay ahead of the latest trends, and today we caught a very interesting one that we have either been missing, or it’s new. We’ll just say it’s new.. 😉 We’re all familiar with the...
View ArticlePHP Callback Functions: Another Way to Hide Backdoors
We often find new techniques employed by malware authors. Some are very interesting, others are pretty funny, and then there are those that really stump us in their creativity and effectiveness. This...
View ArticleASP Backdoors? Sure! It’s not just about PHP
I recently came to the realization that it might appear that we’re partial to PHP and WordPress. This realization has brought about an overwhelming need to correct that perception. While they do make...
View ArticleWebsite Malware: Mobile Redirect to BaDoink Porn App Evolving
Recently, we wrote about a malware redirect causing compromised sites to redirect their visitors to pornographic content (specifically, the BaDoink app). You can read more about what we found by going...
View ArticleWigo Means Bingo for Blackseo Agent
This week my colleague Peter Gramantik showed me a few infected sites that had very similar code embedded in the WordPress index.php files: if (eregi('-dbst',$_SERVER['REQUEST_URI'])) {...
View Article
