Server Software and Configuration Services
cxs and “CryptoPHP”
CryptoPHP:
cxs can detect “CryptoPHP” for currently reported variants (and has done so for some time with then known variants).
A few things to note:
- As with all exploits, new variants are developed regularly so they will not always be detected
- Ensure that you have a daily cron job to update cxs
- cxs will not necessarily prevent an account being exploited as this “infection” is caused by clients installing illegal (“nulled”) applications that have already been exploited
- As with all exploits, regular full cxs scans have to be run to detect newly reported variants that may have previously evaded cxs Watch
- If you find new variants that are not detected by cxs, submit them to us in the normal manner (see the cxs –wttw [script] option in the documentation)