3

I have site that is hacked and flagged by Google for having malware:

Some pages on this website send visitors to the following dangerous websites: freshmodel.pw.

I made a backup of everything before I started, added a new clean website, and remove all the old site files (which I assume has malware).

Is it dangerous for me to keep a backup of this on my computer?

Anders
  • 64,406
  • 24
  • 178
  • 215
9ete
  • 131
  • 3
  • 2
    A good way to make sure nothing accidentally execute the malware is to keep the backup in an encrypted zip file. Since the password is needed to decrypt it, only you will be able to mess things up. :-) – Anders Mar 21 '17 at 10:18

3 Answers3

6

No, not unless you run it. And by default Windows can't run PHP files. Cleaning the site is a good idea, but be careful not to make the same mistake twice; if they got in through a file upload vulnerability, they will do it again if it's the same site. So try to find out what file is malicious and post it here so we can help.

J.A.K.
  • 4,793
  • 13
  • 30
2

Depends on what the malware was made for. If it was to get some information of the website users, that would be no problem. But if it is something like a keylogger or anything else, the harm to users on their computer might be bad. Have the users been able to download anything from your server?

If (as it looks like) it was a malware to send the visitors of your website to another website, it should be no problem to keep it.

schroeder
  • 123,438
  • 55
  • 284
  • 319
Dr3xler
  • 308
  • 1
  • 8
2

Simply having the files on your computer is highly unlikely to do any harm. If you start opening them, it will vary based on what the files are. For example, there have been exploits published that exploit photo-viewing software with specially crafted image files. PHP backdoors are unlikely to be a problem unless you deliberately run the code.

KnightOfNi
  • 2,247
  • 3
  • 18
  • 23