Paste Site Used as Hosting Service for FilesMan Backdoor

Bruno Zanelato found a website backdoor which, unlike other siblings of its family, does not embed its code within a web page but it loads it from an online clipboard service.

Website backdoors are specially devised malicious tools hidden within a website's code and designed to allow an attacker to reinfect the target and retain control even after the site has been cleaned.

"71% of all compromised targets had a PHP-based backdoor hidden within the site," says the expert's report. "The effectiveness of these backdoors comes from their elusiveness to most website scanning technologies."

Most malware tailored for websites and added to a web page's code use obfuscation techniques to prevent website owners from discovering the true purpose and goal of the hidden code.

No comments:

Post a Comment