We’ve seen a wider variety of PHP web shells being used by attackers this year —  including a number of shells that have been significantly updated in an attempt to “improve” them.

Depending on the scope of changes and feature enhancements that are added to an existing web shell’s source code, these updates can be tedious and time consuming for bad actors. For this reason, it’s common to see code for web shells reused among different, unaffiliated attackers.

Continue reading ALFA TEaM Shell ~ v4.1-Tesla: A Feature Update Analysis at Sucuri Blog.

Pin It on Pinterest