A new kind of malware

We detected a new kind of malware today from a scanning, what it does are:

  1. Change the host file of the server, that means it affects not only your website, but ALL websites in the server (in the condition that the hack is successful)
  2. A shell code namely 1.sh will be injected into the user’s account
  3. A cronjob is created to run every minute to run the 1.sh shell code, so even if your website is clean, it will be immediately affected as the hacking was performed in the server wide but not only in your website account.

Here is a screenshot of the shell code

A new malware found 15/07/2014

Centrora Security 3.5.4 released

This new version has the following improvements: * Added: Added option to turn on and off Daily Audit report * Updated: Updated the firewall rules version * Fixed: Fixed a minor warning bug in the installer for checking country database * Fixed: Fixed a minor warning bug in the getSafeBrowsingStatus function in the Audit class * Enhancement: Improved the virus scanning function to reduce overall memory usage * Enhancement: Improved Configuration model to avoid warning errors in PHP strict mode * Enhancement: Improved CountryBlock model to avoid warning errors in PHP strict mode * Enhancement: Improved CountryBlock class to reduce duplicated download of SQL files if it has been downloaded…

Details
Centrora Panel 1.0.6 featured image v2

Centrora Panel 1.0.6 Updated with Easier and Securer functions

Centrora Panel 1.0.6 Updated with Easier & Securer functions It’s been half a month since we released Centrora Panel, seems users are hesitate to use our Panel. After doing some research and analysing the situation, we noticed a critical problem with Centrora Panel is that it required you to enter the admin password while adding a website. (It is sensitive especially for website administrator to expose their password under concerns. Therefore, we improved our function by removing the requirement of password with a better and secure connection method. For now, Centrora Panel can now automatically detect your Centrora Security Plugin you’ve installed on your WordPress site simply by using your admin username…

Details

Centrora Panel 1.0.5 updated

Centrora Panel is updated to 1.0.5, the main change is to remove the password fields from our 4096 Pair key generation function to enhance security for all administrator users.

 

 

All users please update the plugin to version 3.0.5 to use this new function.