Christmas Holiday

We will be closing our Store, Sales and Helpdesk from 17:30 Wednesday, 23rd December 2020 to 09:00 Monday, 4th January 2021. No orders, support requests or sales emails will be processed between those dates.

If you purchase a license or Service Package before the closing date and require installation, please be sure to leave at least 24 hours before then for the work to be done. Otherwise, any work will be scheduled for after this period.

New virus found that Maldex, CXS, Clam has not detected

Community forum to discuss cxs.
If you believe that there is a problem with your cxs installation and want support then, as a paid product, you should use the helpdesk after having consulted the documentation.
Post Reply
Junior Member
Posts: 4
Joined: 23 Apr 2015, 16:14

New virus found that Maldex, CXS, Clam has not detected

Post by mitchmenghi »


We have uncovered a suspicious file that i am overly surprised no scanner has picked up and its very concerning.

The filename is called 'indonesia.php'

I was sitting in one of our customer Wordpress installs and in some sub directories. The contents of the file is as follows.
Moderated Message:
Do not post exploits on these forums
We are in no way experts but that does seem to be malware.

Has anyone seen this before, or how is it that CXS being a paid solution even after a month did not pick this up ???
Posts: 1489
Joined: 01 Oct 2008, 09:24

Re: New virus found that Maldex, CXS, Clam has not detected

Post by ForumAdmin »

If you would like to submit an exploit for consideration you should use the following syntax:

Code: Select all

cxs --wttw /path/to/exploit.php
We will review the file and consider detection for it in the future. If you want to detect it yourself you can use the cxs --xtra [file] syntax with an xtra file (see documentation) to include your own detection for it.
Post Reply