When cleaning websites, one of the most complicated parts of our job is ensuring we find all backdoors. Most of the time, attackers inject code into different locations to increase the chances of reinfecting the site and maintaining access for as long as possible. Our research finds that in 67% of the websites we clean, there is at least one backdoor variant.
Although we have hundreds of posts on backdoors and their effects, today we want to discuss a few techniques and provide in-depth technical knowledge on how to decode an advanced piece of malware.
*** This is a Security Bloggers Network syndicated blog from Sucuri Blog authored by Rodrigo Escobar. Read the original post at: https://blog.sucuri.net/2017/08/malware-decoding-step-step-guide.html