Websites and the CryptoPHP Infection

Could Your Site Be Infected?

If your website uses a content management system such as WordPress, Joomla, or Drupal, you will want to be aware of the CryptoPHP infection. Like many infections of this nature, the CryptoPHP infection is both sneaky, and can spread the maliciousness once it’s there, so it’s good to be aware of it if you may have the potential to encounter it.

So Just What Is it?

CryptoPHP is an infection that works like a botnet. It is a sophisticated program that uses your website to conduct illegal “black-hat” SEO tactics such as adding links to other, possibly malicious websites. It can also upgrade itself, and since it communicates with other servers it can update itself and behave as a drone that could do anything from sending spam to attacking other sites.

How Do You Get it?

CryptoPHP is acquired by downloading and installing a theme to their WordPress, Joomla, or Drupal site – specifically a free theme found online. The infected theme has a nulled script that contains a line of code that appears to include PHP but instead appears to call on an image. Hidden inside the image is the real, malicious code.

How Can I Prevent It?

There are a few simple ways to avoid infection:

Don’t use free downloaded themes on your site – it is difficult to tell what is infected and what is not.
Don’t accumulate extra “unused” themes just sitting around on your site. It’s easy to collect dozens of these while trying them out, but best to reduce this number as much as possible. Your current theme and ones in development are all you really need.
The sites we here at Appletree Mediaworks LLC create are CryptoPHP-free.

How To Know If You’re Infected

For WordPress: Install the Wordfence plugin and enable the option to scan images – CryptoPHP hides in a png image, but is actually obfuscated code. This will detect the infection.

Other sites: Download all source code and search for this line:
<?php include(‘assets/images/social.png’); ?>

Our sites here at Appletree MediaWorks LLC are CryptoPHP-free. If you have concerns over your own sites, or have any questions on keeping your website up to date and secure, contact us or visit our blog for more information.

—

For More Information on CryptoPHP – http://www.wordfence.com/blog/2014/11/wordpress-security-nulled-scripts-cryptophp-infection/

Like this post? Share it!

The Great Phishing Scamdemic

Have you been noticing an abundance of suspicious looking emails flooding y…
Serious Risks to Consider When Socializing Distantly

In today’s crazy world of staying home instead of visiting friends, we’ve a…
Ten Tips on How to be Successful While Working From Home Dur

As a web developer of over 15 years, I’ve spent a lot of time working remot…

How to see what Facebook knows about you, and download your data Do you know what they know?
.
.
#Facebook #Facebookpage #PrivacyAware #privacypolicy #Data #datasecurity

Posted: 3 days ago
Tech that died in 2020 We've been busy helping clients with Flash workarounds for training software. What tech are you going to mourn in #2021?

Posted: 2 weeks ago
How to recycle your old phone, laptop, TV and batteries for free A win for those with resolutions to declutter or be nice to the environment this year. I'd never heard of Cell Phones For Soldiers before!

Posted: 3 weeks ago
We can’t thank you enough for all of your support this year. From our entire team, we want to wish you a happy, healthy, and prosperous new year! #welcome2021goodbye2020 https://t.co/yEYCRBAK4d

Posted: 3 weeks ago
Goodbye Flash, goodbye FarmVille https://t.co/iReKzHFhfk by @anthonyha

Posted: 3 weeks ago
We can’t thank you enough for all of your support this year. From our entire team, we want to wish you a happy, healthy, and prosperous new year!
.
#welcome2021 #NYE2021

Posted: 3 weeks ago
Looking forward to adding more cool photos this 2021! 🤩📷

Posted: 3 weeks ago
I'm not just scrolling to the bottom and hitting AGREE anymore.
.
.
.
#2021 #ReadyorNot #HereWeGo #happynewyear2021

Posted: 3 weeks ago
We wish you and your family a very Merry Christmas! 🎄❤️🎁💚🎅

Posted: Last month
Merry Christmas from our awesome programmers! 🎅🎄

Posted: Last month
Merry Christmas from our web designers!

Posted: Last month
Tis the season!! Best of luck to all the Santa's out there shopping! 🎅🤶🎁

Posted: Last month
The year is 1997.
You: *struggling to write a letter*
Clippy: Would you like some assistance with that?

Posted: Last month
😀😉🙃🙂😌😋

Posted: Last month
Sometimes technology can be scary 😳

Posted: Last month
Be prepared to wrap pictures of your gifts this year 😂🎅🎁

Posted: Last month
True story. https://t.co/jqqbv3BWYX

Posted: Last month
Wishing you and your family a very Happy and Healthy Thanksgiving. 🦃💛
.
.
.
#thanksgiving #love #thankful #grateful #blessed #thanks #family #friends #happythanksgiving #celebrate #life

Posted: Last month
Headphones are a must in our offices!

Posted: Last month
The Jetsons predicted 2020.. just waiting on the flying cars. No doubt our hero @elonmusk will make that come true too. 🚀 #jetsons #telework #onlineclasses #telemedicine #videocalls #tesla https://t.co/0T1s3MgaMx

Posted: 7 months ago
@GovWhitmer Why aren't #Michigan groomers allowed to open if they are offering curbside service? #Ohio and #Indiana allow it. Asking for a client (and our staff).

Posted: 8 months ago
The most popular pickup line for Web Developers: "Can I clear your cache?" https://t.co/pIUAEr23nX

Posted: 8 months ago
Pretty cool! https://t.co/IvQJJZaWns

Posted: 8 months ago
Have you considered the risks of socializing distantly? 💬🗨️⚠️ https://t.co/xzOTfGBJIc
#SocialDistancing #SocialMedia

Posted: 8 months ago
If #IRS doesn’t have your direct deposit info, a check will be mailed to your address on file. For your #TaxSecurity, do NOT provide your direct deposit or banking information for others to input on your behalf into the IRS...

Posted: 8 months ago
Chinese Government Holds Back Everyone’s Internet Freedom: A strong example of the problems this world... Chinese Government Holds Back Everyone’s Internet Freedom: A strong example of the problems this world faces with cyber censorship is what is going on in China. The government blocks many websites, searches, and software based on their content.

Posted: A long while ago
EU-US Privacy Shield Still Not Protecting Your Privacy: Still collecting bulk data, problems with the... EU-US Privacy Shield Still Not Protecting Your Privacy: Still collecting bulk data, problems with the judicial redress act, and no true protection for businesses

Posted: A long while ago
Copyright and Social Media: This has become a gray area. Almost everyone is guilty of... Copyright and Social Media: This has become a gray area. Almost everyone is guilty of sharing something on social media, whether it be Facebook, Twitter, or Pinterest, that was copyrighted and not yours to share. But what is fair to ...

Posted: A long while ago
How Your Devices are Tracking you and How to Stop it: Apple, Microsoft, and Android How Your Devices are Tracking you and How to Stop it: Apple, Microsoft, and Android

Posted: A long while ago
Being Safe while Downloading Apps: With how many apps are downloaded it is always a... Being Safe while Downloading Apps: With how many apps are downloaded it is always a good idea to stay safe while downloading. You must take precautions, learn where to download, and do your research.

Posted: A long while ago