joe codes

x-cart guru & custom programmer

  • About
  • Archives
  • Contact

Powered by Genesis

Spot the Malware Challenge

July 19, 2018 by joecodes Leave a Comment

As somewhat related to last month’s Malware checklist, I thought this would be a good follow-up about spotting malware on an infected site. Maybe yours.

Something like a vulnerable plugin can allow an attacker to change existing code that is expected on the page, such as Google Analytics tracking, and make it hard to find. From Spot the malware on dev.to:

They aren’t your good old ascii a, but are actually cyrillic a! … When reading source code though, IDE’s and text editors usually show a regular cyrillic a, which is hard to distinguish with our bare eyes. This can be leveraged by malware creators by registering hosts similar to popular CDN’s and injected scripts, then replacing genuine domain with their own.

Read the full article for more details.

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to email this to a friend (Opens in new window)

Related

Filed Under: Programming Tagged With: security

Leave a Reply Cancel reply

You must be logged in to post a comment.

Quick Thoughts

  • I was surprised to learn that foreach in JavaScript does not have a traditional break. The loop will run to completion.

  • Who knew that combination sums across all permutation lengths of an array would be so difficult? It was a challenge but the final product looks good and takes a lot of resources. Limiting the max length for basic memory limits. Would only do something like this for occasional reporting.

  • Working on a new project that can have hundreds of forms on a page. The browser was spending way too much time in Parse HTML. Wasted a bunch of time before learning this is a long-standing bug in Chrome when there are many forms or inputs. Other browsers are fine.

Recent Posts

  • Progressive Enhancement
  • Keychain Password Search
  • Smarty preg_match
  • iPhone Plus Experiment
  • Time Machine Speed-Up Tip

Tag Cloud

Apple JavaScript Mason Perl PHP security simple Smarty speed stability Tax WWDC X-Cart

Search

Subscribe

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Recent Comments

  • Bad App Alert on Startup Item Help
  • iPhone Pre-Order Needs to Change on iPhone Pre-Order Warning
  • Apple vs Pro on My Personal Three S’s of Development
loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.