Global CyberSecurity

Whitespace Steganography Conceals Web Shell in PHP Malware

By OTC 02/03/2021

Post Views: 798

Published on 02/03/2021 – Last Updated on 02/03/2021 by OTC

Last November, we wrote about how attackers are using JavaScript injections to load malicious code from legitimate CSS files.

At first glance, these injections didn’t appear to contain anything except for some benign CSS rules. A more thorough analysis of the .CSS file revealed 56,964 seemingly empty lines containing combinations of invisible tab (0x09), space (0x20), and line feed (0x0A) characters, which were converted to binary representation of characters and then to the text of an executable JavaScript code.

Continue reading Whitespace Steganography Conceals Web Shell in PHP Malware at Sucuri Blog.

Comments

Comments are closed.

More in Global CyberSecurity

Global CyberSecurity

Whitespace Steganography Conceals Web Shell in PHP Malware

Russian naval assets transit Suez Canal

Fast & Featured: How Entities Can Help You Conquer Snippets in Less Than 4 Minutes

Comments

More in Global CyberSecurity

PHP Reinfector and Backdoor Malware Target WordPress Sites

Malware Steals Account Credentials

2024 Credit Card Theft Season Arrives

Cyber-Space

Simple Include Statement Hides Casino Spam

PHP Reinfector and Backdoor Malware Target WordPress Sites

Malware Steals Account Credentials

PHMC GPE LLC

Social EYK

Economy & Finance

Russian naval assets transit Suez Canal

Fast & Featured: How Entities Can Help You Conquer Snippets in Less Than 4 Minutes

You may also like

Comments

More in Global CyberSecurity

Cyber-Space

PHMC GPE LLC

Social EYK