
Sucuri Webinar: The Anatomy of Website Malware

What is website malware? In this webinar, we’ll cover the most common website malware types, what various samples look like so you can recognize them, and also show you how they work. Our primary focus will be on the various methods used to hide malware in the infected sites.

Topics include:
- What is malware and how does it work?
- Where and how does it hide?
- What is obfuscation and its most common methods?
- What are mass infections?
- Why should you never use pirated themes/plugins?


  1. The Anatomy of Website Malware. Sucuri Webinar. Peter Gramantik, Sr. Malware Researcher. Tweet #AskSucuri to @SucuriSecurity
  2. Webinar speaker: Peter Gramantik, Sr. Malware Researcher. Find me on Twitter @petergramantik
  3. Webinar speaker: Peter Gramantik
      - Sucuri 6 years
      - Sr. Malware Researcher
      - Happily married
      - Love wreck & cave diving, UW filming, riding my Harley Davidson Sportster, finding new detection techniques, …
  4. In this webinar you will learn:
      - What is web malware and how does it usually work?
      - Where and how does it hide?
      - What is obfuscation and its most common methods?
      - What are mass infections?
      - Why should you never use pirated themes/plugins?
  5. What is malware? “Malware (malicious software) is any software intentionally designed to cause damage to a computer, server, client, or computer network.” Short history of malware:
      - 1970: “Let’s see if we can destroy this computer.”
      - 1990: “Let’s destroy this computer (evil laugh).”
      - 2000: “Let’s infect this computer secretly and profit from it.”
  6. What is website malware? “Malware (malicious software) is any software intentionally designed to cause damage to a computer, server, client, computer network or a website.”
      - Websites are the “new” target
      - First vulnerable website
      - The unified environment of a CMS helps infections
      - WordPress is the leader
  7. How does it work:
      - Visible: defacements, redirects, unwanted popups / ads
      - Hidden: backdoors, CC stealers, blackhat SEO
  12. Malicious Code in Legitimate Magento File
  13. Where and how does it hide: Site Files
  14. Where’s the malware? Site Files
  15. Here it is! Site Files
  16. Where and how does it hide: Databases
  17. Where and how does it hide: Server-level Infection
  18. What is obfuscation: Purpose
      - Make the code unclear
      - Hard to decode
      - Hide
      - Hard to spot
  19. What is obfuscation: Types
      - Packers
      - Faking legitimate code
      - Random names
      - Undocumented functions
      - Random place, …
  20. What is obfuscation:
  21. What is obfuscation:
  22. What is obfuscation:
  23. Obfuscation Blog Articles
      - Obfuscation Through Legitimate Appearances
      - Uncommon Radixes Used in Malware Obfuscation
      - Decoding Complex Malware – Step-by-Step
      - Go to blog.sucuri.net to learn about website security, emerging vulnerabilities, and web malware infections from our team of website security researchers.
  24. What is obfuscation:
  25. Mass Infections
      - Infections spreading to thousands of websites
      - Common entry point: vulnerability in outdated software
      - Could lead to secondary infections
      - Problems in shared hosting environments: cross-site infections
      - Blog post: Massive Malware Infection Breaking WordPress Sites
  26. Risk of 3rd Party Software:
      - Updating the CMS may not be sufficient
      - Abandoned / hijacked plugins and themes
      - Pirated software
      - Malvertising
      - Backdoors
      - Spam injections
      - Business impact
  27. Thank you for your attention :) New blog series: The Anatomy of Website Malware https://blog.sucuri.net/2019/02/the-anatomy-of-website-malware-an-introduction.html
  28. Peter Gramantik. You can reach me at @petergramantik. Submit your questions on Twitter at @SucuriSecurity using the hashtag #AskSucuri
