Hacked – new users showing up, how? | WordPress.org

jamesbuck
(@jamesbuck)

8 years, 6 months ago
Hi, I have a problem where new unauthorized users keep showing up as admins, with duplicate username as my name, or my name backwards, using my same email address.

I have tried the following:
- no ‘admin’ named users
- using WordFence security (it did not notify me of any new users, logins, failed logins with the new usernames or find any spam / bad files in scan)
- new user registration is not allowed
- new comments are not allowed
- changed username and password
- disabled and removed all plugins except Description 2 Caption, Options Framework, Yoast SEO and WordFence security
- changed FTP username and password
Hosting service is 1and1. I don’t even know if the vulnerable point they’re accessing is in WordPress or on the hosting end. Any info greatly appreciated.

Viewing 3 replies - 1 through 3 (of 3 total)

Moderator t-p
(@t-p)

8 years, 6 months ago

Remain calm and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

Thread Starter jamesbuck
(@jamesbuck)

8 years, 6 months ago

Thanks, but since that’s impossibly broad, and I’ve done most of those things, do you have any specific ideas about what the point of vulnerability might be?

thanks,
James

Moderator t-p
(@t-p)

8 years, 6 months ago

You may also want to discuss with your hosting provider.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Hacked – new users showing up, how?’ is closed to new replies.

Tags

In: Fixing WordPress
3 replies
2 participants
Last reply from: t-p
Last activity: 8 years, 6 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics