Security scanner flagged a file "Hacked" | fm.php

[Matti Remes]

Hi there!

We are using a security service to secure our servers + client sites.
I got a hacked notification from our WHMCS install, and as a result action, file "fm.php" was quarantined.

I just updated WHMCS to the lates build (7.8.3) , and now wondering if this could be a false positive. 
According to Security team support: "Yes, the file is hacked it contains a Files-Manager Hack which can be used to upload/delete any file from the server."

I would like to know if that file is a part of the latest WHMCS build (as it was not present on the previous backup package of the older version) or was this indeed an attempt to hack the servers?

[brian!]

On 17/11/2019 at 12:29, Matti Remes said:

I would like to know if that file is a part of the latest WHMCS build (as it was not present on the previous backup package of the older version) or was this indeed an attempt to hack the servers?

that's not a file available in the v7.8.3 zip - possibly it was part of an addon module, but if you have quarantine logs, that may tell you where in the WHMCS folder structure the file was found.