It doesn’t… Wordfence may be picking-up malware links in your spam comments, which are in your database backup. Since every database backup is a new file to Wordfence, every time you make a backup Wordfence catches the same malware link again and again and again (until you clear your spam cache).
I run Wordfence and DB Manager on most of my websites, and this happens all the time.
Viewing 2 replies - 1 through 2 (of 2 total)
The topic ‘How does malware get into the backups?’ is closed to new replies.