How PHP Droppers Spread Malware

How PHP Droppers Spread Malware
A breakdown of how PHP droppers are used to spread binary malware through malicious URLs and spam emails.
Read more →

Malware Disables Wordfence Security Plugin & Forges Timestamps

Malware Disables Wordfence Security Plugin & Forges Timestamps
A malicious PHP file is used to take down Wordfence plugin before it adjusts its own mtime timestamp.
Read more →

Skimmer Loaded Via Image On MemberPress Checkout Form & Magento

Skimmer Loaded Via Image On MemberPress Checkout Form & Magento
A payment card skimmer hidden within an existing PNG image on an infected WordPress website that uses MemberPress and collects payment data for private membership. A variant was also found stealing payment card information on an infected Magento website.
Read more →

SCP-173 PHP Malware + WordPress

SCP-173 PHP Malware + WordPress
An interesting code comment, scp-173, with meme origins has been found in various PHP malware targeting WordPress websites throughout 2020.
Read more →

Plugin Killer: WordPress Malware Disables Security Plugins

Plugin Killer: WordPress Malware Disables Security Plugins
A malicious PHP file that was disabling common WordPress security plugins before injecting SEO spam onto the infected website.
Read more →
Disclaimer: The research posted on this website is for information purposes only. Do not use it for illegal purposes.