Hi all,
I am writing in this forum as I am an active user of I-MSCP :-).
One month ago, I have noticed a random HTML file listed in one of my domain's htdocs root folders. The file is only present in one of my 5 domains.
The file name is always "csvjsjd.html".
The content is always the same:
HTML
At first, I just deleted it but it gets recreated. In some cases a PHP file is created, too. The way the URL is created looks like that somebody tries to hide the target, i.e. it seems to be malware.
I have no deep Linux skills to analyze the cause of it. Wordpress is running in this particular domain, no other areas of my root server are affected. So, it seems that the malware cannot leave the "userspace" of the domain.
Any help appreciated :-).
Thanks!