Apparently this malware takes several weeks outwitting the security of companies that using Plesk Hosting. Many Webmaster when they detect that they have been infected choose to seek a backup of the site and restore the corrupted files. After restoring the files have been found to re-infecting virus, which means you have direct access to ftp and for that previously had to get passwords.
After conducting various studies as acts of this type of Trojan horse has come to the conclusion that get the passwords of FTP through a bug found in the file manager tool that incorporates Plesk. Use this bug to steal the FTP password and have permission to read and write about all the files in the hosting.
Many businesses that rely on their website and have been infected, have reported that they are starting to leak and this virus generates some uncertainty for the customer. Luckily this virus only infects files and never deletes or rename.
To reassure many Webmaster who has been affected their web must be said that there is a new update for Plesk that fixes this bug. The steps to prevent the reinfection web are:
- Update to the latest version of the Hosting Server. This step is very important because when you upgrade the server eliminate the security hole.
- Change FTP passwords from your hosting.
- Change passwords for all email accounts.
- Change the passwords of the Plesk.
- Disinfect all infected files. We can do this by eliminating each one the code entered or restoring a backup.