Description: We detected a highly encoded (and malicious) code hidden under a loop of gzinflate/gzuncompress/base64_decode calls. After decoded, it goes through an eval call to execute the code.

Affecting: Any web site (often through outdated WordPress, Joomla, vBulletin, osCommerce and stolen passwords).

Clean up: You can also sign up with us and let our team remove the malware for you.

Malware dump:

More information: Backdoor: PHP:EVAL:GZINFLATE:B64

Story added 11. March 2012, content source with full text you can find at link above.