WordPress.org

Ready to get started?Download WordPress

Forums

Known javascript malware. Details: http://labs.sucuri.net/db/malware/malware-ent (7 posts)

  1. DarkMellie
    Member
    Posted 2 years ago #

    Hiya,

    as per the title, Sucuri shows me I have malware and Google wrote to me to advise of it. I can't even login to update WordPress!

    Can this be done for me by the WordPress team?

    Sorry to bother! That's the second time now and I've only ever used the site to post links to articles I've written for other sites, is it just that the 'hackers' keep updating their viruses and I just need to keep logging on to update WP as frequently as I can?

    Thank you in advance for any assistance you can offer :)

  2. Krishna
    Volunteer Moderator
    Posted 2 years ago #

    Can you post your site URL?

  3. DarkMellie
    Member
    Posted 2 years ago #

    http://www.railingmedia.com sorry, thought that would auto-post for some reason!

  4. Krishna
    Volunteer Moderator
    Posted 2 years ago #

    Yes, your site is infected with malware as well as listed as suspicious by Google. Here is the report.

    Can this be done for me by the WordPress team?

    Sorry, you have to do the cleanup yourself, or you have to hire someone by posting your problem at: http://jobs.wordpress.net/

    If you want to do the job yourself, I can post here the forum's standard prescriptions.

  5. DarkMellie
    Member
    Posted 2 years ago #

    I'll have a crack at fixing it if you can point me in a direction?

    Appreciate your time sofar Krishna :)

  6. Krishna
    Volunteer Moderator
    Posted 2 years ago #

    Go through the resources in this link and follow instructions.
    http://wordpress.org/support/topic/wordpress-hacking-in-32012?replies=3#post-2692763

  7. redleg-too
    Member
    Posted 2 years ago #

    Typically with this hack there are 2 parts, the first is the conditional redirect and that is done in an Apache system file named .htaccess. The second part is to insert a block of script into your index files, usually all of them. There is a copy of the script in pastebin http://pastebin.com/j3jrsPrS for the script that gets inserted into the files and http://pastebin.com/iZggTndj for a copy of what gets inserted in the .htaccess file.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags