Support » Fixing WordPress » Server-wide PHP code injection new 'backup' user added to multiple sites

  • So I’ve got a nasty worm on my shared hosting package which has added obfuscated PHP code to the top of every .php file in my home directory. I’ve also noticed that several (but not all) of the WP sites on the host have a new ‘backup’ user added.

    I already restored a ‘clean’ version of the files from a backup from several days ago, but the files were all compromised again within a couple of hours.

    What should I do?

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘Server-wide PHP code injection new 'backup' user added to multiple sites’ is closed to new replies.