I have another client’s site attacked by Sejeal. Again I found a “sejeal.JPG” file in the root directory. Client called me saying the hyperlinks don’t work. Browser was giving back 404 error.
I found this article that shed some light on the matter. One of my main tools “JCEditor” has a vulnerability that attackers are exploiting.