Hacked
-
Hi I am running 4.3.1 with the 2014 theme. The site has been hacked, a new admin class user called “badmin” has been added with all capabilities and code has been added to search.php.
I have the sucuri plugin loaded and this is how I saw that a badmin user was logged in. So, I can clean this BUT there is clearly another exploit that allowed this user to be created in the first place and this was done without a legitimate login because there is no record in the Sucuri logs.
Any ideas where to look please? or do I just have to delete the whole site and start again.
The inserted code started like this…
<?php $zdaxc=’d_/0T1H90/e0Fg2Vg4TpkaV….
any help greatly appreciated.
Martyn
Viewing 10 replies - 1 through 10 (of 10 total)
Viewing 10 replies - 1 through 10 (of 10 total)
- The topic ‘Hacked’ is closed to new replies.