Kernel Mode
  • Home
  • About
  • Contact
Sign in Subscribe

malware

A collection of 2 posts
Screenshot of web shell installed by malicious Composer package
malware

Laravel QR Code Generator Infected with Malware

On September 8th 2021 I discovered a backdoor in a Composer package for generating QR codes in the Laravel framework. The package laraveli/qr-code contains malware that attackers can use to remotely execute code on a compromised website or install and access a web shell. The code was traced back
Sep 11, 2021 3 min read
Typosquatting Malware Found in Composer Repository
malware

Typosquatting Malware Found in Composer Repository

On September 8th 2021, as part of greenfield research project, I discovered a malicious package in Packagist [https://packagist.org/], the main Composer repository. The symfont/process [https://packagist.org/packages/symfont/process] package contains malware and uses a technique called "package typosquatting" to target users of the popular symfony/
Sep 9, 2021 3 min read
Page 1 of 1
Kernel Mode © 2023
Powered by Ghost