Shifting Malware Tactics & Stealthy Use of Non-Executable .txt & .log Files
The malware landscape is constantly evolving, and bad actors are always devising new techniques to evade detection. Our analysts most commonly find website malware nestled within JavaScript or PHP files, which can be directly executed by browsers or servers. However, we’re encountering more and more instances of malware that uses code from non-executable files (e.g. .txt or .log), a tactic specifically designed to bypass the usual detection rules.
In this blog post, we’ll delve into these techniques, provide some clear examples of the malicious behavior, and outline steps to detect and mitigate these threats.