I got a "Security Threat" warning from VaultPress a couple days ago, regarding a file in Snapshot. It reads as follows:
This file contains suspicious hidden code, and should be checked for recent changes, or malicious code. Often hackers try to hide their hack attempts by obfuscating their attack code, to make it harder to detect. VaultPress has detected a string of suspicious characters in this file. Please check your backup history for recent changes to this file, or contact a Safekeeper if you are unsure."
The file they are pointing to is: plugins/snapshot/lib/Snapshot/Model/Destination/ftp/phpseclib1.0.10/Crypt/DES.php
The code in question, which appears 3 times in the file, is: \x40\x40\x40\x40\x40\x40\x40\x40
This is looking like a false positive to me, but I figured I'd get in touch with you anyway and ask about it... Is this a security threat?