Magento’s continued migration from 1.x to 2.x versions has led malware authors to modify existing malicious tools to accomodate for the major differences between these Magento versions.

Analysis of a phishing kit and its admin panel used for managing phishing pages that target Chase Bank and other organizations. The kit was created by ‘Spox’.

How do hackers use a PHP backdoor that is injected into a single line of code in a website’s file? Why is it better at evading malware scanners than other PHP backdoors?

Welcome! 🕵️‍♂️ I created this to share my infosec research more freely.