Backdoor: PHP:EVAL:GZINFLATE:B64

Description: We detected a highly encoded (and malicious) code hidden under a loop of gzinflate/gzuncompress/base64_decode calls. After decoded, it goes through an eval call to execute the code.

Affecting: Any web site (often through outdated WordPress, Joomla, vBulletin, osCommerce and stolen passwords).

Clean up: You can also sign up with us and let our team remove the malware for you.

Malware dump:
<br /> eval(gzinflate(base64_decode(‘FZhFtoVcloSnkr3MP2n..</p> <p>

More information: Backdoor: PHP:EVAL:GZINFLATE:B64

Story added 11. March 2012, content source with full text you can find at link above.

Comments are closed.

More antivirus and malware news?

OpenVPN servers can be vulnerable to Shellshock Bash vulnerability
What Sesame Street can teach CIOs about managing consumer IT
Chinese Hackers Access U.S. Weapons Systems’ Design Plans: Report
Lizard Squad hits Malaysia Airlines website
Researchers demo exploits that bypass Windows 8 Secure Boot
OpenOffice Vulnerable to Remote Code Execution, LibreOffice Patched
In wake of gTLD security criticism, ICANN announces emergency back-up registry operators
Iran’s Mahan Air Says Hit by Cyberattack
Microsoft wins permanent settlement against Nitol botnet
NBA team rebounds from IT disaster

Backdoor: PHP:EVAL:GZINFLATE:B64

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts