WARNING: POTENTIAL MALWARE BACKDOOR CODE

  • opendrives

    (@opendrives)


    8 years ago

    I installed this plugin today and my security monitoring software flagged it potentially containing a PHP malware backdoor script.

    Warning: File possibly compromised: ./wp-content/plugins/fast-velocity-minify/inc/functions-serverinfo.php (php.backdoor.system_shell.005). Manual review recommended.

    • This topic was modified 8 years ago by opendrives.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Raul P.

    (@alignak)

    8 years ago

    It’s a false positive, and “potential” doesn’t mean it is.

    There’s no malware or backdoor, and this has also already been discussed here:
    https://ww.wp.xz.cn/support/topic/malware-alert-3/

    The serverinfo.php page, is what you see when you click on the Server Info tab.

    That page exists for you to be able to diagnose what your server is running, so it’s basically an information page that fetches technical information from the server and shows it there.

    Furthermore, the plugins are manually reviewed by the WordPress Team, before going live, precisely to avoid that kind of malware situation.

    Thread Starter opendrives

    (@opendrives)

    8 years ago

    Ah, I see. My apologies for the freak out.

    Plugin Author Raul P.

    (@alignak)

    8 years ago

    For the record, I reached out to sucuri and their answer was that they are aware of the false positive and that they were rolling out an update progressively, to their clients.

    https://cdn.pbrd.co/images/Ho7jyYp.png

    Thanks again.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘WARNING: POTENTIAL MALWARE BACKDOOR CODE’ is closed to new replies.