Websites and the CryptoPHP Infection

Could Your Site Be Infected?

If your website uses a content management system such as WordPress, Joomla, or Drupal, you will want to be aware of the CryptoPHP infection. Like many infections of this nature, the CryptoPHP infection is both sneaky, and can spread the maliciousness once it’s there, so it’s good to be aware of it if you may have the potential to encounter it.

So Just What Is it?

CryptoPHP is an infection that works like a botnet. It is a sophisticated program that uses your website to conduct illegal “black-hat” SEO tactics such as adding links to other, possibly malicious websites. It can also upgrade itself, and since it communicates with other servers it can update itself and behave as a drone that could do anything from sending spam to attacking other sites.

How Do You Get it?

CryptoPHP is acquired by downloading and installing a theme to their WordPress, Joomla, or Drupal site – specifically a free theme found online. The infected theme has a nulled script that contains a line of code that appears to include PHP but instead appears to call on an image. Hidden inside the image is the real, malicious code.

How Can I Prevent It?

There are a few simple ways to avoid infection:

Don’t use free downloaded themes on your site – it is difficult to tell what is infected and what is not.
Don’t accumulate extra “unused” themes just sitting around on your site. It’s easy to collect dozens of these while trying them out, but best to reduce this number as much as possible. Your current theme and ones in development are all you really need.
The sites we here at Appletree Mediaworks LLC create are CryptoPHP-free.

How To Know If You’re Infected

For WordPress: Install the Wordfence plugin and enable the option to scan images – CryptoPHP hides in a png image, but is actually obfuscated code. This will detect the infection.

Other sites: Download all source code and search for this line:
<?php include(‘assets/images/social.png’); ?>

Our sites here at Appletree MediaWorks LLC are CryptoPHP-free. If you have concerns over your own sites, or have any questions on keeping your website up to date and secure, contact us or visit our blog for more information.

—

For More Information on CryptoPHP – http://www.wordfence.com/blog/2014/11/wordpress-security-nulled-scripts-cryptophp-infection/

Like this post? Share it!

The Great Phishing Scamdemic

Have you been noticing an abundance of suspicious looking emails flooding y…
Serious Risks to Consider When Socializing Distantly

In today’s crazy world of staying home instead of visiting friends, we’ve a…
Ten Tips on How to be Successful While Working From Home Dur

As a web developer of over 15 years, I’ve spent a lot of time working remot…

Categories
- Blog
  - Marketing
  - Politics
  - Security
  - Social Media
  - Tech
  - Web Development
- Dev
  - Living Abroad
- Media
- Newsletter
- Portfolio

Chinese Government Holds Back Everyone’s Internet Freedom: A strong example of the problems this world... Chinese Government Holds Back Everyone’s Internet Freedom: A strong example of the problems this world faces with cyber censorship is what is going on in China. The government blocks many websit ...

Posted: A long while ago
EU-US Privacy Shield Still Not Protecting Your Privacy: Still collecting bulk data, problems with the... EU-US Privacy Shield Still Not Protecting Your Privacy: Still collecting bulk data, problems with the judicial redress act, and no true protection for businesses

Posted: A long while ago
Copyright and Social Media: This has become a gray area. Almost everyone is guilty of... Copyright and Social Media: This has become a gray area. Almost everyone is guilty of sharing something on social media, whether it be Facebook, Twitter, or Pinterest, that was copyrighted and not you ...

Posted: A long while ago
How Your Devices are Tracking you and How to Stop it: Apple, Microsoft, and Android How Your Devices are Tracking you and How to Stop it: Apple, Microsoft, and Android

Posted: A long while ago
Being Safe while Downloading Apps: With how many apps are downloaded it is always a... Being Safe while Downloading Apps: With how many apps are downloaded it is always a good idea to stay safe while downloading. You must take precautions, learn where to download, and do your research.

Posted: A long while ago
Why Labor Unions Need Member Data System: Many large organizations – specifically labor unions –... Why Labor Unions Need Member Data System: Many large organizations – specifically labor unions – struggle trying to keep their member data updated and accessible. Without a centralized dat ...

Posted: A long while ago
Is Your Phone Keeping You up at Night? Our electronics tend to distract us from... Is Your Phone Keeping You up at Night? Our electronics tend to distract us from going to bed, disrupt our sleep with constant sounds, and hurt our health with their blue light.

Posted: A long while ago
All About Browsers: With so many browsers out there including: Google Chrome, Mozilla Firefox, Opera,... All About Browsers: With so many browsers out there including: Google Chrome, Mozilla Firefox, Opera, and Safari, you may have a hard time choosing one. While all of them have their ups and downs you ...

Posted: A long while ago
Mobile Sub-Site versus Responsive Web Design: In 2016, if your website is not mobile ready... Mobile Sub-Site versus Responsive Web Design: In 2016, if your website is not mobile ready you need to change that today. Two main ways to make your site mobile is to either have a mobile sub-site or ...

Posted: A long while ago
Do Not Track: Two members of congress filed a bill called the ‘Do Not Track... Do Not Track: Two members of congress filed a bill called the ‘Do Not Track Online Act of 2015’

Posted: A long while ago
Website Tips for 2016: -Fresh Up to Date Modern Websites -Easy Navigation is Key -Website... Website Tips for 2016: -Fresh Up to Date Modern Websites -Easy Navigation is Key -Website Usability -Improve Your SEO -Social Media

Posted: A long while ago
Where Technology and Christmas Come Together: Check out some of the ways you can enjoy... Where Technology and Christmas Come Together: Check out some of the ways you can enjoy the Christmas festive technology and how you can share some yourself.

Posted: A long while ago
How to Stay Safe While Holiday Online Shopping: Learn where to shop online, how to... How to Stay Safe While Holiday Online Shopping: Learn where to shop online, how to be secure, and best practices to keep yourself safe.

Posted: A long while ago
Newsletters in the Digital Age! In a digital age sending out electronic newsletters instead of... Newsletters in the Digital Age! In a digital age sending out electronic newsletters instead of paper newsletters has become much more popular. While deciding to do your newsletter does have its downsi ...

Posted: A long while ago
Safe Harbor Ruled Invalid, How it Affects You: The European Union and the Unites States... Safe Harbor Ruled Invalid, How it Affects You: The European Union and the Unites States will be meeting on December 17th to create a new agreement for the Safe Harbor. They plan to conclude this agree ...

Posted: A long while ago
Website Do's And Don'ts #infographic Website Do's And Don'ts #infographic

Posted: A long while ago
The Internet Helps in a Crisis: Everyone has heard about the recent Paris Attacks on... The Internet Helps in a Crisis: Everyone has heard about the recent Paris Attacks on November 13th many dead, wounded, or stranded. Many companies have made use of the Internet in a time of crisis to ...

Posted: A long while ago
Advertising Online for your Business: Advertising your business online can boost your sales and website... Advertising Online for your Business: Advertising your business online can boost your sales and website traffic if done the correct way. There are many different ways and places to advertise online

Posted: A long while ago
Using Analytics for Your Business: Analytics is data analysis that usual involves taking past data... Using Analytics for Your Business: Analytics is data analysis that usual involves taking past data to find trends and effects or decisions or events. It can also compare old data with new data using a ...

Posted: A long while ago
The NSA and Online Privacy: Many studies, cases, and documents show that the NSA is... The NSA and Online Privacy: Many studies, cases, and documents show that the NSA is spying on American citizens using online surveillance. As an American, this invades our Freedom of Speech and our Ri ...

Posted: A long while ago
Posted: A long while ago
Posted: A long while ago
Learn About Scam Emails: Scam emails are a very popular and while most email services... Learn About Scam Emails: Scam emails are a very popular and while most email services have a spam sorting feature built in, not all will be sorted properly. Scams can look like they came from a friend ...

Posted: A long while ago
Google Event, the Good and Bad: Google held their press event on Tuesday, September 19th... Google Event, the Good and Bad: Google held their press event on Tuesday, September 19th in San Francisco announcing many new products such as the Nexus 6P and 5X, the new Chromecast 2, Chromecast Aud ...

Posted: A long while ago
Prevent Malware on your Smartphone: Different malware includes adware, bug, spyware, Trojan horse, virus, and... Prevent Malware on your Smartphone: Different malware includes adware, bug, spyware, Trojan horse, virus, and many more (Learn more about Malware types ) There are some signs that your phone is being ...

Posted: A long while ago

Copyright © 2022 Appletree MediaWorks LLC - Privacy Policy