String Concatenation: Obfuscation Techniques

Some of the links in this article are "affiliate links", a link with a special tracking code. This means if you click on an affiliate link and purchase the item, we will receive an affiliate commission.The price of the item is the same whether it is an affiliate link or not. Regardless, we only recommend products or services we believe will add value to our readers.By using the affiliate links, you are helping support our Website, and we genuinely appreciate your support.
String Concatenation: Obfuscation Techniques

While string concatenation has many valuable applications in development — such as making code more efficient or functions more effective — it is also a popular way for attackers to obfuscate code and try to make it more difficult to detect. Let’s dig into how bad actors are leveraging this technique to conceal their malware.

Avoiding Detection with String Concatenation

String concatenation obfuscation works by using a period between each string, which instructs PHP to join these character strings  together and run it as a single function — for example, ‘cr’.’ea’.’te’.’_f’.’un’.’c’.’ti’.’o’.’n’; would become create_function.

Continue reading String Concatenation: Obfuscation Techniques at Sucuri Blog.