By I recently wrote about a case where a malicious plugin was used to steal admin credentials. Here we will examine yet another malicious plugin that creates a malicious admin user right in the website.
Examining the malware
While examining the site, we noticed a plugin located at wp-content/plugins labeled php-ini.php. This is strange since directories generally donโt contain extensions, especially one like .php since those are reserves for files.
Continue reading Malicious WordPress Plugin Creates Hidden Admin User Backdoor at Sucuri Blog.
Comments