Posted 6 months ago #
My hoster sent me an advice that this plugin have infected files.
I try to deleted the plugin and reinstall it from wordpress repository but I have always the same problem.
The infected files:
======================
/wp-content/plugins/backwpup/pages/page_backwpupsettings.php
/wp-content/plugins/backwpup/pages/func_backwpupeditjob.php
/wp-content/plugins/backwpup/pages/page_backwpups
/wp-content/plugins/backwpup/pages/func_backwpupeditjob.phpettings.php
Posted 6 months ago #
Please contact the plugin author directly and give them every possible detail. His site is http://danielhuesken.de
Posted 6 months ago #
Hello,
can you send me the advice, because i don't kow anythng about a infect.
Posted 6 months ago #
I paste here:
Hello,
We have received an Maldet report regarding your resold accounts
***** and **** and below are the infected files and as of now I have just disabled the files and please delete these files from your end or else we will be deleting it when we get the next report.
======================
/wp-content/plugins/backwpup/pages/page_backwpupsettings.php
/wp-content/plugins/backwpup/pages/func_backwpupeditjob.php
/wp-content/plugins/backwpup/pages/page_backwpups/
/wp-content/plugins/backwpup/pages/func_backwpupeditjob.phpettings.php======================
Please make sure that all the files and folders are checked under the account and will not contain any kind of MALWARE contents.In failure of doing the same, account may be suspended.And also Please upgrade all the Applications/Softwares that you are using to the latest version.
Let us know if you need any further assistance.
Regards,
****
Posted 6 months ago #
rverrecchia - email the developer through their site.
This conversation - if there is a problem the author needs to know about - is not suitable for public viewing. Give the developer a chance before damning his work in public.
Posted 6 months ago #
I wrote to the developper and he answer here...
I don't want to damning his work.
Daniel you can write me an email if you prefer.
Posted 6 months ago #
One of my blogs was hacked last week. I am almost certain that the backwpup exploit that was discovered recently was used.
While the developer might not think it is suitable for public viewing, I think the affected users should know, you can read more about it on
http://www.exploitsearch.net/?q=%22SECUNIA%2043508%22
http://lists.virus.org/sec-adv-1110/msg00152.html
and
http://www.exploit-db.com/exploits/17987/
This is the 3rd security hole in backwpup in a year. I'm not happy about this. I spend the entire Thanksgiving day cleaning everything off and closing all the back doors.
Posted 6 months ago #
Did you have made a update for BackWPup ?
Posted 6 months ago #
I updated it on 10/27
Yesterday and today I looked at the server logs, files from the backwpup package were accessed directly from unknown ip addresses so I deleted the whole backwpup plugin rather than updating again.
In the end I don't think the source of the hack was backwpup, sorry about posting a bit prematurely, but backwpup was the first thing that stood out in the logs, and then googling it immediately brought up the pages I linked to in the post above.
Posted 6 months ago #
sorry, i have checked the Reports and if you made Update to 2.1.6, i thnik, all is fixed.
You must log in to post.
