Home / malware PHP.Filesman
First posted on 26 November 2015.
Source: SymantecAliases :
There are no other names known for PHP.Filesman.
Explanation :
The Trojan may arrive on the compromised computer through exploitation of arbitrary file upload vulnerabilities in web content management systems.
Once executed, the Trojan then opens a back door on the compromised computer, allowing an attacker to perform the following actions:
Collect system informationManage files and directoriesExecute commandsConnect to databases and execute SQLExecute PHP codeBrute force FTP and database passwordsConnect to a remote serverLast update 26 November 2015
