Malware obfuscation comes in all shapes and sizes — and it’s sometimes hard to recognize the difference between malicious and legitimate code when you see it.
Recently, we came across an interesting case where attackers went a few extra miles to make it more difficult to notice the site infection.
Mysterious wp-config.php Inclusion
During the inspection of the WordPress configuration file wp-config.php, we detected the following line of code:
So, should this code snippet be there or not?