Attackers Abuse Cron Jobs to Reinfect Websites


Malicious cron jobs are nothing new; we’ve seen attackers use them quite frequently to reinfect websites. However, in recent months we’ve noticed a distinctive new wave of these infections that appears to be closely related to this article about a backdoor that we’ve been tracking.

In today’s post we’ll be discussing what cron jobs are, how attackers leverage them to reinfect and access websites, and analyze a distinctive new wave of cron jobs.

Read more…