all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Remote Code Execution Backdoor Uses Unicode Obfuscation & Non-Standard File Extensions

Add to bookmarks
June 22, 2023, 9:28 p.m. | Ben Martin

Sucuri Blog blog.sucuri.net

Readers of this blog will know that attackers are constantly finding new ways to hide their malware and avoid detection; after all, that’s what good malware does best! We have recently observed attackers leveraging both excessive amounts of unicode as well as peculiar includes and file extensions within their WordPress backdoors to conceal their malware and make it more difficult to find and detect.


In this post we’ll review what this malware does, what it looks like, and how to …

attackers backdoor blog code code execution detection extensions file good hacked websites hide malware non obfuscation remote code remote code execution standard unicode website backdoor website malware infections website security wordpress security

Visit resource

More from blog.sucuri.net / Sucuri Blog

Mal.Metrica Redirects Users to Scam Sites 2 days, 12 hours ago | blog.sucuri.net
analysts black hat tactics click compromised +11
WordPress Vulnerability & Patch Roundup April 2024 5 days, 16 hours ago | blog.sucuri.net
april attacks automated awareness +33
What is a Zero-Day Vulnerability? 1 week, 2 days ago | blog.sucuri.net
best practices can dev dev teams +19
What is Cookie Hijacking 1 week, 4 days ago | blog.sucuri.net
access accounts application attackers +25
JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS 2 weeks, 2 days ago | blog.sucuri.net
august black hat tactics campaign cloud +30
WordPress Maintenance: Tasks & Best Practices 2 weeks, 4 days ago | blog.sucuri.net
best practices can expertise guide +10
Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker 3 weeks, 2 days ago | blog.sucuri.net
admin amp area attackers +32
Web Shells: Types, Mitigation & Removal 3 weeks, 5 days ago | blog.sucuri.net
access attackers best practices compromised +33
Magento Shoplift: Ecommerce Malware Targets Both WordPress & Magento CMS 1 month ago | blog.sucuri.net
adoption black hat tactics can cms +19

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Sr Cyber Threat Hunt Researcher

@ Peraton | Beltsville, MD, United States
View on infosec-jobs.com

Lead Consultant, Hydrogeologist

@ WSP | Chattanooga, TN, United States
View on infosec-jobs.com

Senior Security Engineer - Netskope/Proofpoint

@ Sainsbury's | London, London, United Kingdom
View on infosec-jobs.com

Senior Technical Analyst-Network Security

@ Computacenter | Bengaluru Bengaluru (Bengaluru, IN, 560025
View on infosec-jobs.com

Senior DevSecOps Engineer - Clearance Required

@ Logistics Management Institute | Remote, United States
View on infosec-jobs.com

Software Test Automation Manager - Cloud Security

@ Tenable | Israel - Office - CS
View on infosec-jobs.com
View more jobs