SuiteCRM Hacker Injection into all PHP files

Hi Support,

We hosted a SuiteCRM on our Amazon EC2 machine with sthe state file permission even thought the hackers are injected the code into SuiteCRM PHP files exists in the folder. below is the injection. Please let me know how to avoid this to be repeated. like its a third attempt.

injected code sample:

<?php... ?>


What Version of SuiteCRM do you have installed?

Where did you download this version from?

Which Folder/File are the PHP files with the Injected code in?

  1. It is Suite7.1.8 edition almost recent one.
  2. downloaded this file from SuiteCRM website itself. which redirect me to
  3. It is injected in almost all php files present in the crm folder.

Almost…10 months old.
Then there was 7.2 , 7.3 , 7.3.2 and now 7.4!

As Horus68 said, the most Recent versions avaliable would be 7.4 and 7.3.2

Since 7.1.8,we’ve added a lot functionality, Security Fixes and Bug Fixes.
It may be in your best interest to upgrade to 7.3.2.

You can download the Upgrade Package here:
Look for the one titled: “SuiteCRM-Upgrade-7.1.x-to-7.3.2”

Download this and upload the .zip file into the “Upgrade Wizard” page. This can be found in the Admin menu.
You can then run through the upgrade.

We’d recommend taking a backup of your Database and CRM before running the upgrade.

Hi John & Horus68…

Thanks for the suggestion…Its already done but still my issue will be there not resolved. I deployed the latest 7.4 instance and transferred all the custom code to the new system, even in new system I am facing the same problem i updated all the custom file with sugar entry check Even thought the files are getting appended with the hack code. I am not able to figure out how can it possible.