Malware Signatures

  1. Home
  2. Malware Signatures
  3. php.malware.base64.009

php.malware.base64.009

PHP malware is one of the most commom malicious code found on the internet, mostly because it is the leading server-side language used on websites, followed by ASP, Java, ColdFusion and Perl (source). In order to address this issue, our tools are capable ofdetecting and cleaning up malware that weren't collected yet, but meet a complex set of characteristics that are considered malicious.
Malware writters can use several built in funcitons to encode their malware, among them base64_decode is one of their favorites pair with other encoding like gzuncompress and str_rot13.

Affecting

Any vulnerable PHP based website. Outdated software or compromised passwords can act as an infection vector.

Cleanup

Inspect your site's files looking for suspicious usage of base64_decode function or files that you don't recognize. Also you can sign up with us and let our team remove the malware for you.

Dump

Not Available