Hyperlinks inserted into blank (primarily) content areas | WordPress.org

Resolved mflu
(@mflu)

9 years, 4 months ago

Our website, http://www.rpm3solutions.com, has been hacked…..someone inserted a bunch of links to random sites that are active in all pages except home page. Links are seen on mouse-over in blank areas of the screen mostly, but sometimes on a link we had previously established. Site runs on WordPress 4.0.1 and Centos 5.5-XS. Inserted hyperlinks are not obvious when viewing WordPress HTML code. Did run a trial version of “Siteguard”, which determined that 2 suspicious files were found….one was Google Analytics (makes me suspicious of Siteguard’s value) and a file in a plugin we used.
The Siteguard “suspicious files” findings were:
/wp-content/plugins/si-contact-form/includes/class-fscf-process.php

/wp-content/plugins/google-analytics-for-wordpress/admin/class-admin-menu.php

Have since deleted the plugin (“fast secure contact form”) and rebooted server, but problem still remains.

Viewing 1 replies (of 1 total)

RossMitchell
(@rossmitchell)

9 years, 4 months ago

Remain calm.
Just because a file is named “Google Analytics” does not mean it is safe, that name would be excellent camouflage.

There are various resources to support you. You need to work through them.
http://codex.wordpress.org/FAQ_My_site_was_hacked
http://smackdown.blogsblogsblogs.com/2008/06/24/how-to-completely-clean-your-hacked-wordpress-installation/
http://ottopress.com/2009/hacked-wordpress-backdoors/

Viewing 1 replies (of 1 total)

The topic ‘Hyperlinks inserted into blank (primarily) content areas’ is closed to new replies.

Tags

hacked

In: Hacks
1 reply
2 participants
Last reply from: RossMitchell
Last activity: 9 years, 4 months ago
Status: resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics