Fred.php.php backdoor
-
So found this new file in my install called Fred.php.php https://pastebin.com/UVUf2V47
It is a backdoor that does quite a bit.
Anyone got any info on it?Found in /public_html/wp-content/cache/all/comments/feed with a HTML file that just gives a “Comments Closed” message.
I have WP Fastest Cache installed and it is the only thing that caches or that would use that folder.
https://bycats4cats.com/wp-admin/plugin-install.php?tab=plugin-information&plugin=wp-fastest-cache&TB_iframe=true&width=772&height=894Though I also have Disable Comments plugin that might be the problem.
https://bycats4cats.com/wp-admin/plugin-install.php?tab=plugin-information&plugin=disable-comments&TB_iframe=true&width=772&height=894Any ideas on the culprit?
- The topic ‘Fred.php.php backdoor’ is closed to new replies.