Jump to content

Security scanner flagged a file "Hacked" | fm.php


Recommended Posts

Hi there!

We are using a security service to secure our servers + client sites.
I got a hacked notification from our WHMCS install, and as a result action, file "fm.php" was quarantined.

I just updated WHMCS to the lates build (7.8.3) , and now wondering if this could be a false positive. 
According to Security team support: "Yes, the file is hacked it contains a Files-Manager Hack which can be used to upload/delete any file from the server."

I would like to know if that file is a part of the latest WHMCS build (as it was not present on the previous backup package of the older version) or was this indeed an attempt to hack the servers?

Link to comment
Share on other sites

On 17/11/2019 at 12:29, Matti Remes said:

I would like to know if that file is a part of the latest WHMCS build (as it was not present on the previous backup package of the older version) or was this indeed an attempt to hack the servers?

that's not a file available in the v7.8.3 zip - possibly it was part of an addon module, but if you have quarantine logs, that may tell you where in the WHMCS folder structure the file was found.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated