Auto Generation of Spam URL after Updating WordPress 4.9.4

  • kuldeeppatnaik

    (@kuldeeppatnaik)


    6 years, 1 month ago

    I have been using latest WordPress version i.e. 4.9.4 since 14-02-2018. Thereafter, around 1850 false or spam URLs are randomly generated. For which my users are getting affected with invalid URLs and it/s contents.

    Also, I’m getting error mail from Google Webmaster team regarding this.

    Hence, I need to fix it on the top urgent basis.

    For your reference, I am attaching the screenshot. https://imgur.com/5GK3UNo

    Thanks & Regards
    Kuldeep Patnaik

Viewing 3 replies - 1 through 3 (of 3 total)
  • Laken Hafner

    (@lakenh)

    6 years, 1 month ago

    It looks like you’ve been hacked 🙁

    Remain calm and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    Thread Starter kuldeeppatnaik

    (@kuldeeppatnaik)

    6 years, 1 month ago

    Thank you, Laken Hafner for your reply.

    Actually I got an email from hosting provider on February 13th that the files are getting infected with virus attacks.Then I cleaned them right away.

    Then I checked that worpress is not updated automatically with latest version of WP-4.9.4. So I updated that too. Since that day, these files are getting created, there are 1850 files are generated in last 20 days.

    So, Can I reupload all the initial files and folders of previous backup back to February 01 2018, so that it will remain safe?

    Laken Hafner

    (@lakenh)

    6 years, 1 month ago

    WordPress hackers are quite tricky. The obviously malicious files (the ones that your host found, and you removed) are able to be removed without removing the infection. The hackers plant various “backdoors” on your site, usually in multiple places, which allow them to reinfect your site. Restoring from backup is probably your best solution. If possible, I’d even try and go a bit further back than Feb 1st, because a lot of hackers like to let the site with backdoors added “sit” for a period of time, before doing an obvious detectable hack.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Auto Generation of Spam URL after Updating WordPress 4.9.4’ is closed to new replies.