Tag Archives |

WordPress Plugin – wp-zipp.php

Today we found new malware which is a WordPress plugin. The attacker is somehow before with another vulnerability created a user account with WordPress and it uploads own malware plugin, which contains a FilesMan remote shell. Access log As we see, just direct access to WordPress and install WP-Zipp plugin: If we extracted […]

Continue Reading