Backdoor:PHP/SimpleShell.A is a Backdoor trojan horse. It consists of a PHP script running on a compromised server. It could also download other malicious files on a computer, modify various settings and steal personal information.
|Short Description||The backdoor can give unauthorized access of a computer to a hacker over remotely.|
|Symptoms||The Trojan may download, upload, execute and delete different files on a compromised machine and also may modify various system settings.|
|Distribution Method||Targeted Attacks, Email Attachments, PHP script.|
|Detection Tool||Download Malware Removal Tool, to See If Your System Has Been Affected by Backdoor:PHP/SimpleShell.A|
|User Experience||Join our forum to follow the discussion about Backdoor:PHP/SimpleShell.A.|
Backdoor:PHP/SimpleShell.A – How Did I Get It?
There are a number of ways you could get infected with the “PHP/SimpleShell.A” Backdoor Trojan. The most common distribution method is if you are running an exploitable and/or outdated Joomla management system for web publishing. Another common way is to execute the script manually if you are tricked that it is a useful program. Thus, without knowing, you are getting the
Backdoor Trojan inserted into your system.
You might have been infected with the Trojan from a targeted attack by downloading an attachment from an electronic mail. Files that can be used to spread various threats such as the Backdoor:PHP/SimpleShell.A, more often than not, have these extensions: .bat, .exe, .vbs, .pif, .scr and other executable ones. However, this specific one is usually a .php script. You could also get infected via some plugin, extension, popup banner, or a site with malware on it.
Backdoor:PHP/SimpleShell.A – More About It
The Backdoor:PHP/SimpleShell.A Backdoor Trojan represents a simple PHP script file, that when executed, opens a Backdoor. It usually finds its way via an exploitable and/or outdated Joomla management system for web publishing into a computer system. Some of the files that are reported to be malicious:
After the backdoor has access to a compromised machine, it can execute certain actions such as downloading, uploading, running and deleting various files. Also, it may run or stop applications, modify different settings. When the backdoor Trojan has control over these functions it may also, log keystrokes and steal sensitive information and spread malicious files to other computer systems in the network, even the World Wide Web.
Once the Trojan connects to a remote location, a hacker can give commands to it directly. The hacker can do the following:
- Check for an Internet connection
- Validate a digital certificate
- Download and run files, updates and malware
- Report of a new infection to the hacker
- Receive configuration and other data
- Search for a geographical location of the machine
- Upload information to the remote location
This proves that the Backdoor:PHP/SimpleShell.A Trojan has dangerous capabilities, including a two-way backdoor to a remote location selected by a cyber-criminal, who can steal very sensitive and personal information from the computer being targeted.
Remove Backdoor:PHP/SimpleShell.A Completely
This Trojan can connect to a remote host, access different sensitive information and infect you with different kinds of malware. It may track your personal information and send that data to the hackers that created it, which can aid them to profit from it. In order to completely get rid of the Backdoor:PHP/SimpleShell.A Trojan horse from your computer, carefully follow the step-by-step removal guide provided down below!