The C99Shell PHP backdoor lives on

The C99Shell PHP backdoor, originally spotted in 2007, is still around, and is still a danger to both web server operators and end-users.

After getting a tip from a designer about a hacked Joomla page, Panda Security malware researcher Bart Blaze discovered that a newer version (2.1) of this scripted web application Trojan has been used to compromise a web server.

The same server has been infected with other PHP backdoors, one of which seems designed to specifically target mobile users.


Read more: The C99Shell PHP backdoor lives on

Story added 6. March 2015, content source with full text you can find at link above.