I noticed on a couple of my client sites the presence of a new malware file. It is located in the document root of the store and is called 'adminer.php'. Comments read as follows:
/** Adminer - Compact database management * @link https://www.adminer.org/ * @author Jakub Vrana, http://www.vrana.cz/ * @copyright 2007 Jakub Vrana * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0 * @license http://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other) * @version 4.2.5 */
We have added support for diabling this file to our EZ Admin Helper addon. It is available in version 4.9.33. If you are a current EZ Admin Helper addon customer, you should be upgraded automatically in the next couple of days. If you want to force the upgrade, you can use the following URL
[your_admin_url]?dispatch=ez_maint.upgrade.force
which will force the upgrade to happen immediately.
If anyone wants to (or has the time to) unpack this file and publish what it does, feel free to contact me and I'll get you a copy.