Security researchers have uncovered malicious plugins and themes for WordPress, Joomla and Drupal. The Netherlands-based security firm Fox-IT has published a whitepaper revealing a new Backdoor named “CryptoPHP” The exact number of websites affected by the backdoor is undetermined, but the company estimates that at least a few thousand websites or possibly more are compromised. The CryptoPHP backdoor can be controlled by cyber criminals using various options such as command and control server (C&C) communication, email communication and manual control as well.
Source: https://thehackernews.com/2014/11/cryptophp-backdoored-cms-plugins-themes.html