All weblogs show the malware (8 posts)

  1. cogmios
    Posted 4 years ago #

    it seems all my wordpress sites on my account currently forward to some malware download thing. So I'm now disabling all of them and parallel to this looking for the source.

    they forward to www4.realprotectin33.co.cc which shows some malware ads and then wants the user to download an .exe ...

    I could not find anything on google on this site. So quickly i can not find any changes in the php files in the themes.

    Anyone else has this currently?

  2. cogmios
    Posted 4 years ago #

    ok.... I looked through the source and found exactly the same link as mentioned in this explanation of mt:


    So... :( They have been able to get in my database :(

    Ah... I see that the message is from TODAY: http://weblog.mediatemple.net/weblog/category/system-incidents/1404-wordpress-redirect-exploit/

    so i guess It seems that is a thing NEW today.

    if Anyone has any more information (Since it is new) on HOW they got there that would be handy, e.g. maybe there is a leak in a specific plugin ?

  3. Keep in touch with Media Temple for more info, as this exploit appears to be specific to their server configuration.

  4. danjenkins
    Posted 4 years ago #

    yes my sites redirecting the same today as well.

    it hit my blogs on dreamhost.

  5. Then I guess it's not just limited to MT. Remain calm and carefully follow this guide as best you can (since it is MT-specific). When you're done, you may want to implement some (if not all) of the recommended security measures.

  6. cogmios
    Posted 4 years ago #

    Maybe its handy to change the 750 for wp-config.php to 400 for wp-config.php at least that is what i have.

  7. 400 is more secure, but it doesn't work under all server configurations. If it works for you, then I definitely recommend it.

  8. cogmios
    Posted 4 years ago #

Topic Closed

This topic has been closed to new replies.

About this Topic