News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Grzegorz Godlewski:
PHP.Kryptik.AB - Give me your FTP!
November 20, 2012 @ 14:14:04

Grzegorz Godlewski has written up a post about a piece of PHP-related malware that, if it gets into your application, can render your site inaccessible (not to mention blocked by Google's "safe browsing") - PHP.Kryptik.AB.

One could think a PHP Developer is free from viruses and malware - and be wrong. Meet PHP.Kryptik.AB - the PHP malware. If you already know this bastard - high five! But if you don't - be prepared! Basically the story starts from a standard computer trojan which (I suppose) attacks popular FTP clients that store FTP login credentials unencrypted. Then it sends fetched informations to a remote host which (by the cover of night) logs into the FTP servers and infects PHP base web-pages by injecting a piece of JavaScript code, that gets executed when a user enters a site.

He describes the injected code, what kind of files the malware looks for when it executes and how you can fix the problem if you've already been infected. There's also a bit about how you can prevent yourself from being infected (including the suggestion of using something like KeePass or 1Password to manage and create harder to crack passwords).

0 comments voice your opinion now!
malware javascript infect phpkryptikab ftp


blog comments powered by Disqus

Similar Posts

Jim Plush\'s Blog: New AJAX/PHP framework - My-BIC is LIGHT and TASTY!

Thomas Weinert: FluentDOM 5 + XML Namespaces

WebDevRadio.com: Latest Episode Posted - #13

Gonzalo Ayuso's Blog: Speed up page page load combining javascript files with PHP

JSClasses.org Blog: Lately in JavaScript podcast - Episode 5 (PHP.js)


Community Events

Don't see your event here?
Let us know!


laravel php7 performance symfony2 podcast application community library version release example interview introduction framework voicesoftheelephpant testing series opinion api extension

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework