Question

Linux Maldet Scan finding malware in favicon.ico files - Joomla 3.8.6

By stephensquires ·
I'm wondering if anyone has experienced this kind of malware and knows how it may be occurring.

Our nightly maldet scans are finding 2-4 favicon.ico files with malware, only these favicon.ico files are not where they should be in the file structure.

Example maldet scan:

HOST : --cleared-out--
SCAN ID : 180412-0331.27527
STARTED : Apr 12 2018 03 1 :19 -0500
COMPLETED : Apr 12 2018 03 2 :17 -0500
ELAPSED : 58s [find : 1s]

PATH :
RANGE : 1 days
TOTAL FILES : 1292
TOTAL HITS : 2
TOTAL CLEANED : 0

FILE HIT LIST :
{HEX}php.base64.v23au.186 : /var/www/vhosts/--clered-out--/httpdocs/plugins/system/admintools/favicon_b5187e.ico => /usr/local/maldetect/quarantine/favicon_b5187e.ico.2409932083
{HEX}php.base64.v23au.186 : /var/www/vhosts/--cleared-out--/httpdocs/libraries/src/Environment/favicon_cc89b9.ico => /usr/local/maldetect/quarantine/favicon_cc89b9.ico.279812132
===============================================
Linux Malware Detect v1.6.2 < proj@rfxn.com >


Any help would be appreciated.
1 total post (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Back to Malware Forum
1 total post (Page 1 of 1)  

Related Discussions

Related Forums