Support » Plugin: File Manager » Hacked

  • I got hacked due to this plugin and can confirm based on reports, articles, and my own experience. Upon reinstalling from backups, then deleting the plugin, the site is restored to normal… temporarily. Minutes after, the malware returns. Not sure if there are remnants in the database, but your free version of the plugin’s vulnerability has disrupted and destroyed my sites and business, and I really could use your help. Thank you.

    Edit: I would like to add that this is run on a MultiSite and it is the subsites that are most afflicted.

    • This topic was modified 2 months, 2 weeks ago by atomicnicholas. Reason: Additional info

Viewing 8 replies - 1 through 8 (of 8 total)
  • Plugin Author mndpsingh287

    (@mndpsingh287)

    Hi @atomicnicholas

    Send us a support ticket by using this link: https://filemanagerpro.io/contact. We will be able to better assist you with your issue.

    Please make sure you update the File Manager plugin to v6.9 if you are using the Free version.

    We also recommend you run a service to clean up the malware from your website. We recommend you install Sucuri Malware scanner to assist. This plugin will help you scan and remove Malware from your website. https://wordpress.org/plugins/sucuri-scanner/

    Looking forward to hearing from you!

    • This reply was modified 2 months, 2 weeks ago by mndpsingh287.

    Same situation here. This was our favorite plugin and it triggered on most of our client’s sites. Guys, you need to fix the loophole quickly.

    One of our customers was also affected by this hack.

    A shell process was running on the customer’s server that kept undoing our changes.
    www-data 1856 0.0 0.0 293448 3636 ? S Sep05 1:02 php /var/customers/webs/*****/***.*******************.de/lock666.php

    It might help you to restart the web server service. This helped us.

    p.s. The file lock666.php was not found on the server. I think it was deleted right after starting the process.

    good luck,
    Norman
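
The symptom in the post above (a PHP process still running after its script file was deleted) can be checked for directly. The following is an added example, not part of the thread or the plugin's code; the function name `find_orphaned_php` is hypothetical, and it assumes absolute script paths without spaces, as in the `ps` line quoted above.

```bash
#!/bin/sh
# Added example, not from the thread. find_orphaned_php is a hypothetical name.
# Reads `ps aux`-style lines on stdin and prints "PID USER SCRIPT" for every
# PHP CLI process whose script file is missing from disk.

find_orphaned_php() (
  set -f   # no filename expansion while splitting the command line
  # `ps aux` has 10 fixed columns; the command line starts at column 11.
  while read -r user pid skip skip skip skip skip skip skip skip interp args; do
    case "$pid" in ''|*[!0-9]*) continue ;; esac   # header or malformed line
    case "${interp##*/}" in
      php|php[0-9]*) ;;        # php, php7.4, php8.1, ...
      *) continue ;;           # also skips "php-fpm: pool www" workers
    esac
    script=""
    for arg in $args; do       # first argument that is not an option
      case "$arg" in -*) continue ;; esac
      script=$arg
      break
    done
    # Assumption: absolute script path without spaces, as in the ps line above.
    case "$script" in /*) ;; *) continue ;; esac
    [ -e "$script" ] || printf '%s %s %s\n' "$pid" "$user" "$script"
  done
)

# Constructed sample input (not real data); the script path does not exist.
sample='USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
www-data 1856 0.0 0.0 293448 3636 ? S Sep05 1:02 php /nonexistent/site/lock666.php
www-data 2001 0.0 0.1 293448 3636 ? Ss Sep05 0:03 php-fpm: pool www'
printf '%s\n' "$sample" | find_orphaned_php   # on a live host: ps aux | find_orphaned_php
```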

    Plugin Author mndpsingh287

    (@mndpsingh287)

    Hi @logixtree and @norman

    We thank you for being part of the File Manager community.

    Firstly, we want to let you know that we take security very seriously, and apologize for any inconvenience or issues that have been caused.

    Please update the File Manager plugin immediately to v6.9 if you are using File Manager Free, or to v8.0 if you are using File Manager Pro. Here is some documentation to assist you with the process: https://filemanagerpro.io/article/how-to-download-latest-version-of-file-manager-pro

    The latest version contains a patch for this vulnerability and will keep you protected.

    Send us a support ticket by using this link if you need anything: https://filemanagerpro.io/contact. We will be able to better assist you.

    I was hoping you guys can provide help, even if in a general way, before us having to go with the paid services like Wordfence/Sucuri/etc. (which are currently on high surge pricing due to high volume, and will further cost us a lot of money in service fees beyond the damage your plugin had already done), seeing as all this was caused by your plugin, and was not preventable by all the security plugins we had in place.

    Not trying to keep blaming you (too late for that), but since it’s your product that caused this, perhaps you can provide guidance, if not direct assistance, as you must be aware of its pattern and behavior.

    I have sent a support ticket already but wanted to point this out here because the damage has been unrelenting. Thank you.

    Plugin Author mndpsingh287

    (@mndpsingh287)

    Hi @atomicnicholas

    Can you please share the ticket number that you have received from our support? We would like to schedule a call with you to review this and provide you some personalized support to help you resolve this issue.

    If you would like to submit a new ticket please contact us at https://filemanagerpro.io/contact 

    Thanks!

    I have sent a support ticket again, and still awaiting a response, please.

    Plugin Support File Manager Support

    (@filemanagersupport)

    Hi @atomicnicholas, can you please share your ticket number so we can follow up on this?
