Sucuri Malware Labs
Backdoor: PHP:PREG_REPLACE:EVALHome | Notes | Malware data | Signatures | Tools | About
Description: We detected a malicious code hidden under a preg_replace with the "e" switch that acts as an eval call (code execution). It is often used to bypass simple detection methods that only look for "eval(" call itself.
Use: Hide spam, malware and backdoors.
Affecting: Any web site (often through outdated WordPress, Joomla, vBulletin, osCommerce and stolen passwords).
Clean up: You can also sign up with us and let our team remove the malware for you.
Malware dump:
Use: Hide spam, malware and backdoors.
Affecting: Any web site (often through outdated WordPress, Joomla, vBulletin, osCommerce and stolen passwords).
Clean up: You can also sign up with us and let our team remove the malware for you.
Malware dump:
For all our web-based malware signatures, go here: http://labs.sucuri.net/?malwaredb