成千上万的WordPress网站感染了Malwarethe恶意软件，其中包括四个单独的后门：创建四个后门，应检测并删除一个重新输入的攻击者。我们以前从未见过的独特案例。 Which introduces another type of attack made possibly by abusing websites that don’t monitor 3rd party dependencies in the browser of their users.The four backdoors:The functions of the four backdoors are explained below:Backdoor 1, which uploads and installs a fake plugin named “Ultra SEO Processor,” which is then used to execute attacker-issued commandsBackdoor 2, which injects malicious JavaScript into wp-config.phpBackdoor 3, which adds an attacker-controlled SSH key to the ~/.ssh/authorized_keys file so as to allow persistent remote access to the machineBackdoor 4, which is designed to execute remote commands and fetches another payload from gsocket[.]io to likely open a reverse shell.Tags: backdoors, malware, web Posted on March 10, 2025 at 7:01 am•12条评论