Mail from the ‘Boss’ – A Classic Example of a $_POST Mailer Stealing CC Data

Mail from the ‘Boss’ – A Classic Example of a $_POST Mailer Stealing CC Data

We often find mailer scripts while cleaning malicious code from websites. Some of them are easily discovered, while others are obfuscated or heavily encoded.

These “mailers” allow bad actors to send unwanted emails from your domain, and can be triggered through the misuse of a vulnerable extension or leftover backdoor malware scripts.

The $_POST Mail Came from the “Boss”

During a recent investigation, we stumbled upon a very simple mailer that got our attention – not because it was very interesting from code perspective, but because of the Subject that was used.

Continue reading Mail from the ‘Boss’ – A Classic Example of a $_POST Mailer Stealing CC Data at Sucuri Blog.

Read more: Mail from the ‘Boss’ – A Classic Example of a $_POST Mailer Stealing CC Data

Incoming search terms

Story added 8. March 2018, content source with full text you can find at link above.