Over 23,000 Web servers infected with CryptoPHP backdoor

Over 23,000 Web servers were infected with a backdoor called CryptoPHP that’s bundled with pirated themes and plug-ins for popular content management systems.

CryptoPHP is a malicious script that provides remote attackers with the ability to execute rogue code on Web servers and to inject malicious content into websites that are hosted on them.

According to Dutch security firm Fox-IT, which published a report about the threat last week, the backdoor is used primarily for black hat search engine optimization (BHSEO), an operation that involves injecting rogue keywords and pages into compromised sites to hijack their search engine rankings and push malicious content higher up in search results.

To read this article in full or to leave a comment, please click here

Read more: Over 23,000 Web servers infected with CryptoPHP backdoor

Story added 28. November 2014, content source with full text you can find at link above.