In a previous analysis of a malicious file, we demonstrated why you should always update your email account passwords after a security compromise.
The information security threat landscape is always changing. Likewise, the tools used by bad actors are also evolving to evade detection by IDS/IPS and other similar services.
cPanel Hosting Environment File Analysis
In our past post, we analyzed a file that modified passwords to existing email accounts within /home/user/etc/shadow.