PHP has reigned and will continue to reign as one of the main development technologies preferred by developers around the world. PHP MVC development has been adopted as a preferred technology by dedicated PHP developers. The sheer simplicity of coding and the amount of flexibility this technology offers makes it an attractive prospect for companies offering software development services abroad. Until now, it was thought that the code developed by PHP for web applications was safe from virus, malware and Trojan attacks. Time to rethink that belief again!

PHP.Kryptik.AB is a new malware that has been making the rounds on the web and sneaking into unsuspecting FTP clients. The chink in the armor that this Trojan exploits is part of the FTP client’s habit of storing FTP login credentials unencrypted. The information obtained is sent to a remote host that accesses the FTP servers and begins to attach PHP-based web pages by inserting a JavaScript code snippet that is triggered every time a user lands on the website. Among other problems this causes, the most serious ones include download failures in Mozilla Firefox browsers that render the website unusable through a connection reset. Another headache this causes is an automatic update to Google’s safe browsing list as a website that “contains malware.” The danger is that this Trojan affects all known files in the FTP directory. Fortunately, this problem is now beyond repair and can be resolved.

Change your FTP password, especially from your FTP hosting provider, which also has the same password policy for control panel access.

It modifies, edits and overwrites every file that has been infected. Do not rely on the update mechanisms provided by your provider and they may not be able to perform a complete overwrite.

Run a debug script if it is available on the server. If not, download all the files and run the scripts locally.

Ways to prevent this type of infection are to use antivirus protection, select trusted sources for downloading software, and get out of the habit of storing FTP login credentials on the server. There are many PHP development companies providing state-of-the-art offshore software development services to clients all over the world because the demand for PHP MVC development architecture has been recognized by many esteemed clients all over the world.

These thousand days of web design companies are providing their services because the demand for PHP, ASP.NET, MySQL and iPhone development is very high.