Attackers are always trying to come up with new ways to evade detection from the wide range of security controls…
In a previous post, I discussed how attackers can trick website owners into installing malware onto a website — granting…
We sometimes find malware code injections that contain strange code comments, which are normally used by programmers to annotate a…
A PHP shell containing multiple functions can easily consist of thousands of lines of code, so it’s no surprise that…
A large majority of the malware we find on compromised websites are backdoors that allow an attacker to maintain unauthorized…
In an attempt to avoid detection, attackers and malware authors are always experimenting with different methods to obfuscate their malicious…
Website reinfections are a serious problem for website owners, and it can often be difficult to determine the cause behind…
Initially released December 2015, PHP 7 introduced a multitude of performance and security improvements. Approximately 43.7% of websites across the…
“Smoker Backdoor” is a PHP webshell backdoor that uses hexadecimal and decimal obfuscation in conjunction with the PHP function goto…
In the past, I have explained how small one line PHP backdoors use obfuscation and strings of code in HTTP…