Malware Popping up on several sites today. (5 posts)

  1. jolearon
    Posted 4 years ago #

    Not sure where the vulnerability is, I called my host 1and1, but no help. Google emailed me today on several sites containing malware. When I view source I can see injected code, but I dont know where to look to fix it. I'm stressing, help anyone?

    I didn't see any similarity between the sites, as far as plugins/themes etc, there all different. and I changed my ftp pass last week, and my Database pass yesterday and this happened this morning. UUuuggh.

    Here is one of the injected sites.

  2. cubecolour
    Posted 4 years ago #

  3. scottmliddell
    Posted 4 years ago #

    Same thing just happened to me but I think I've got it all cleared up.

    First thing, make sure you can manage your site via Google Webmaster Tools.

    I did a full reinstall of WordPress and requested a review of the site affected - after that they were clean.

    Still not found out what got hacked but it looks like it was in core WordPress but this seemed to clean it up.

    If you look at your source look for Javascript chunks that have an eval in them that are heavily obfuscated, that's what Webmaster tools spotted on one of my sites and I proved then I could remove it with a reinstall.

    May not be the same issue as you yours but worth a go.

  4. jolearon
    Posted 4 years ago #

    I used google webmasters to keep an eye on it, and used the http://sitecheck.sucuri.net/scanner site religiously to ensure up-to-minute status of the site and Blacklist Status.

    It did change my wp-config permissions to 666, blah.
    I will say, the virus was found within wp-settings (a link to a link), which was odd, activating a javascript to start within the header undetected. Smooth move..

    I then check and re-checked, updated all WordPress files/plugins, etc.

    heres a link that confirmed other people were having the same issue.

    thanks @cubecolour for the links and @scottmliddell yes it was a eval code.

  5. jolearon
    Posted 4 years ago #

    Only thing is, I'm not a fan of not knowing how long it takes for Google to update their Blacklisted sites, to say its all clear. Some took an hour, others 24 hours, some still waiting. I'm patient, but I wish there was a count down or max amount of days to wait.

Topic Closed

This topic has been closed to new replies.

About this Topic