Everyone needs to read this.
First and foremost, this part. This is one of the main pieces "evidence" that is being cited in support of Russian hacking:
No it does not. What Wordfence revealed on Friday is that the PHP malware sample that the US government provided is:
- An old version of malware. The sample was version 3.1.0 and the current version is 3.1.7 with 4.1.1 beta also available.
- Freely available to anyone who wants it.
- The authors claim they are Ukrainian, not Russian.
- The malware is an administrative tool used by hackers to upload files, view files on a hacked website, download database contents and so on. It is used as one step in a series of steps that would occur during an attack.