We recently inherited a Joomla! website from one of our client and the initial deal was to deploy, host and maintain it on our own servers. Upon inspecting their backup and noticing some PHP files over 200 Kb, it became quickly obvious that the website was infected by a malware.
