• We keep finding the file .backup_time in the root of our installation. After being deleted it keeps popping up as soon as the wp index.php is triggered.
    Next to that we have the following string in our wp-database:


    Does the file.backup_time belong to the iThmes/Better WP Security) installation?



Viewing 2 replies - 1 through 2 (of 2 total)
  • I am also having this issue and can’t figure out if it’s malware or what. My auto backup is OFF for better-wp-security so I don’t know what it is. My guess is it’s part of malware, it’s in every root WP directory and other directories as well. If anyone’s gone through this I’d really appreciate any help! The contents seem to be base64 encoded. I can’t find the script it creates anywhere. I don’t know what to do next.

    [ Moderator note: encoded gobley-gook redacted ]

    Moderator Jan Dembowski


    Brute Squad and Volunteer Moderator

    @darkmatter661 Your data and problem are different from the original poster’s.

    Per the forum welcome please post your own topic with your own details.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Hacker?’ is closed to new replies.