Security expert Peter Gramantik at Security Firm has written an interesting blog post to describe how it is possible to hide a backdoor using common PHP callback functions. The technique could surprise the laymen, but malware authors are very creative and always find new methods to hide their backdoor. Coding best practices suggest to carefully inspect the source code to find PHP functions like the ones discussed, but the post presented a technique that allows attackers to run arbitrary code silently. Other examples to run code with PHP functions are the create_function ( ) and the assert ( ).”]
Source: https://securityaffairs.co/wordpress/24415/hacking/php-backdoor-callback-functions.html