← Back to speaking

Backdoor: El bueno, el feo y el malo

Conference Talk WordCamp Zaragoza 2019 Zaragoza, Spain
  • Malware
  • WordPress Security
Watch video ↗ View slides ↗

Slides also available on the event site ↗.

Over my years on the front line at Sucuri I came to appreciate different styles in malicious code — especially the much-hated piece blamed for 100% of web security problems, according to many: the backdoor. Through a small collection of backdoors gathered during those years of battle, and briefly analyzing how they work, I’ll try to convey the different goals and approaches of those behind these malicious attempts in WordPress environments.

English translation, provided for accessibility. This talk was delivered in Spanish; the original abstract is available via the video link above. Translation is best-effort and may contain errors.

Original (Español)

A lo largo de mis años en primera línea de batalla en Sucuri, llegué a apreciar diferentes estilos en el código malicioso. En especial, la denostada pieza culpable del 100% de los problemas de seguridad web, a decir de muchos: la puerta trasera (backdoor). Mediante una pequeña colección de backdoors recopilados durante esos años de batalla, y analizando someramente su funcionamiento, intentaré transmitir las diferencias de objetivos y enfoques de quienes están detrás de estos intentos maliciosos en entornos WordPress.