Redirect malware (5 posts)

  1. ojdiaz
    Posted 6 years ago #

    Hello there guys.

    For the last week my wife's blog has been affected by some kind of malware code, some script that writes the current active theme header.php and 404.php files and inserts some malicious code there that redirects the page to some random malware fake antivirus trojan download page

    I've been working with the tech support guys from my domain server, and they've told me that there was some malicious code in two files, topper.php and wp-pass.php, but on the uploads folder, not the usual wp-includes or wp-content pages.

    Anyway, that set me on track to detect that somehow, those two files of the current active theme, 404.php and header.php are rewritten at some point and the blog then starts to redirect again. I've found a link to change the .htaccess file to keep the blog for redirecting to this places, but the blog looks empty then.

    Well, i wanted to ask if anyone has gone through this trouble before and ask if there is any solution to this?

    Thanks a lot


  2. Samuel B

    Posted 6 years ago #

  3. ojdiaz
    Posted 6 years ago #

    Hello Samboll. Thanks for your reply. That's a little extreme... Aren't there any other ways around this?

  4. No.

    You've been hacked. If you want to fix it, you have to go to the extreme end if you want to be sure you're safe.

  5. ojdiaz
    Posted 6 years ago #

    Wow!!! That's really sad... and that sucks big time!!! >__<

    Specially since this blog has over 1500+ posts!!!!

    anyway, I'll do a step by step using that guide samboll posted and redo everything again, but really. It sucks. And I'm pretty sure the blog was up to date with everything ¬¬

Topic Closed

This topic has been closed to new replies.

About this Topic


No tags yet.