Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor

 

Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoorhttp://www.scmagazine.com/pirated-joomla-wordpress-drupal-themes-and-plugins-contain-cryptophp-backdoor/article/385552/Illegal search engine optimization (SEO) is the goal of attackers who are freely distributing pirated Joomla, WordPress and Drupal themes and plugins that are packaged with a backdoor being referred to as CryptoPHP.

Last week Fox-It released a whitepaper on CryptoPHP, and in a Wednesday post the security company revealed that most of the command-and-control domains had been sinkholed or taken down.

Researchers observed 23,693 unique IP addresses connecting to the sinkholes, but by Monday that number had dipped to 16,786, according to the post.

2 replies

Comments are closed.