Origin of malware

  • jacoblo

    (@jacoblo)


    6 years ago

    Hi,

    Thanks for the great plugin and saved me tonight with issues from wp-vcd.php/deloton/onslarv. All functions.php for all themes were effected apparently.

    Using Avada, Vultr hosting and quite strict with plugins. Nothing pirated or anything such. Any tips how to find the origin of the malware? And more importantly avoid that it becomes re-infected?

    Jacob

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Eli

    (@scheeeli)

    6 years ago

    check your access_log files to see what scripts might have been called at the exact time of the infections (Infection times can be found on the Anti-Malware Quarantine page).

    Thread Starter jacoblo

    (@jacoblo)

    6 years ago

    Hi Eli,

    Doesn’t that assume that I had been running the plugin at the time of infection?

    Plugin Author Eli

    (@scheeeli)

    6 years ago

    No actually the main purpose of the Quarantine is to preserve the original threat details for later review, including the file’s timestamps which would tell you when the file was last modified (infected).

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Origin of malware’ is closed to new replies.
  • In: Plugins
  • 3 replies
  • 2 participants
  • Last reply from: Eli
  • Last activity: 6 years ago
  • Status: not resolved