Global CyberSecurity

Whitespace Steganography Conceals Web Shell in PHP Malware

0

Last November, we wrote about how attackers are using JavaScript injections to load malicious code from legitimate CSS files.

At first glance, these injections didn’t appear to contain anything except for some benign CSS rules. A more thorough analysis of the .CSS file revealed 56,964 seemingly empty lines containing combinations of invisible tab (0x09), space (0x20), and line feed (0x0A) characters, which were converted to binary representation of characters and then to the text of an executable JavaScript code.

Continue reading Whitespace Steganography Conceals Web Shell in PHP Malware at Sucuri Blog.

Russian naval assets transit Suez Canal

Previous article

Fast & Featured: How Entities Can Help You Conquer Snippets in Less Than 4 Minutes

Next article

You may also like

Comments

Comments are closed.