Malware Signatures

  1. Home
  2. Malware Signatures
  3. php.malware.exif_read.001


PHP malware is one of the most commom malicious code found on the internet, mostly because it is the leading server-side language used on websites, followed by ASP, Java, ColdFusion and Perl (source). In order to address this issue, our tools are capable ofdetecting and cleaning up malware that weren't collected yet, but meet a complex set of characteristics that are considered malicious.
Image files have metadata tags where informations like: geotagging, date and time, camera settings and copyright are stored. Those areas can be modified wihthout compromising the image. Malware writers can use those tags to store instructions and load them from other malicious code.


Any vulnerable PHP based website. Outdated software or compromised passwords can act as an infection vector.


Inspect your site's files looking for suspicious usage of exif_read_data functions or files that you don't recognize. Also you can sign up with us and let our team remove the malware for you.


Not Available