HTML Logo by World Wide Web Consortium ( Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS. ocPortal 9 is superseded by Composr 10.

Head over to for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.

A Christmas project - decoding a sophisticated trojan attack - Comments

Login / Search

 [ Join | More ]

A Christmas project - decoding a sophisticated trojan attack

Posted 27 December 2014, 7:12 PM

One of our users reported their site was not working properly, so I looked into this as a bug report. What I found was really quite fascinating so I thought I'd share the story.

A trojan had infected their server and was causing the problems. It affected PHP code, but was not a specific attack against ocPortal – all PHP code on the server was infected, not just ocPortal's. So we have no reason to…

Read more

Thanks for the report Chris.

Speaking of "Be a bit paranoid", you might want to keep an eye on the traffic to the IP you were testing with as you have just announced your presence to "them" and "they" might try and re-establish contact through that IP.
Dynamic IP, firewalled at router, no servers running, NAT.
Ahh, the paranoia is strong with this one ;).

There are too many online users to list.
Control functions:

Quick reply   Contract

Your name:
Your message: