Looking for Malicious PHP Files

I’ve been digging through some PHP files that are trying very hard to hide what they are doing. Basically, the PHP code is base64 encoded and then compressed. The blob of random text is then stuffed into a PHP file which calls to decode it and execute it on the web server. While it obscures [...]

Tags: incident response, malicious php, obscured malicious code