FilesMan is being abused in the wild
Do I have this malware on my website?So how do you spot if your website has it? A string search for "FilesMan" would actually do the trick. However, most of the attackers use heavy obfuscation so that you can't detect it by simple string searching. You may also want to look for split strings. This technique is also widely used to outsmart string searching by site owners.
|FilesMan backdoor malware|
|FilesMan obfuscated with string split applied.|
How to prevent the infectionEveryday, attackers find new ways to hide backdoors so it is safe to follow there rules to improve your protection:
- Backup your site.
- Keep your CMS version up to date.
- Change you passwords periodically. Most hackers try to brute force the credentials.
- Change Table Prefix of database. This will avoid SQL injections.
- Add additional security by modifying .htaccess.
- In case of WordPress it is recommended to run periodically both internal and external scans with our plugin.
- Always keep plugins and themes updated to latest version.