Last year we took a look at how attackers  were infecting Drupal installations to spread their spam and keep their campaigns going by just including a malicious file in each visitor’s session.

It’s quite common for  attackers to evolve their techniques and add new variations of hidden backdoors to make it harder to get rid of the infection. These evasion and reinfection techniques can also make it difficult to modify the malicious code, which is what has exactly happened in this case, over a year later.

Continue reading Evolution of Conditional Spam Targeting Drupal Sites at Sucuri Blog.

Via Sucuri.net