Support » Plugin: MVIS Security Center » [Plugin: MVIS Security Center] ….a strong sign that your website has been hacked…??

  • Resolved damian5000

    (@damian5000)


    “Files have been identified in your WordPress installation, that are a strong sign that your website has been hacked.”

    Yet, the plugin doesn’t let me know what the possible hacked files could be… I’ve scanned it with Sucuri, and with virustotal, and nothing was found…

    The site in question is hipmouse.com . There’s nothing there yet… Just a maintenance page.

    http://wordpress.org/extend/plugins/mvis-security-center/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author secconsult

    (@mvis)

    Hello Damian,

    If you go to 3 Steps -> 3. Core Check and press the >> you should be seeing the affected files under “Details and Solution” with the request to rename the affected file immediately.

    The files that are being checked for are common web shells that are used by hackers to execute arbitrary commands on a web server.

    Please send me a screenshot so I can get an idea what is happening.

    Thanks,
    Stefan

    Plugin Author secconsult

    (@mvis)

    Hello Damian,

    I forgot to mention that it would be best if you send the screenshot to the e-mail address provided in the plugin when clicking “Feedback, Bugs, or Feature Requests?”

    As to why sucuri (free sitescan) and virustotal did not find anything, their services primarily scan the one page that was requested, in your case probably http://hipmouse.com/index.php. Because your site is not blacklisted and the index.php does not contain any suspicious code, the site is deemed to be clean.

    The MVIS Security Center goes through all files and directories and looks for common script names that are normally used by attackers to control a site. So even if the suspicious file is hidden in any random folder of the WordPress directory, it would still be discovered and reported.

    I still hope that this is not the case for you, so please send me the screenshot per mail and then we can figure it out.

    Stefan

    Thanks for your help man! Grade-A support… Cheers

    Plugin Author secconsult

    (@mvis)

    My pleasure damian, thanks for your feedback!

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘[Plugin: MVIS Security Center] ….a strong sign that your website has been hacked…??’ is closed to new replies.