What is the China Chopper Webshell, and how to find it on a compromised system?

Some days ago, during a chat with a friend who works in a small software development company, the webshells topic has come up.

During the migration of a production system, my friend found some suspicious .php files, which turned out to be China Chopper webshells.

Continue reading “What is the China Chopper Webshell, and how to find it on a compromised system?”