Support » Plugin: UpdraftPlus WordPress Backup Plugin » suspicious Updraftplus file causing bug

  • Resolved ninonbane

    (@ninonbane)


    Hi,

    My websites were blocked because of a malware. When I did a scan, it ended being 2 of your files in there(./wp-content/plugins/updraftplus/config.php Details: php.backdoor.xhell.001.01).
    Can you please explain? I thought you were a safe plugin.

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Support bornforphp

    (@bornforphp)

    @ninonbane

    It’s certainly not a UpdraftPlus file, Did you download the plugin from WordPress.org repository?
    https://wordpress.org/plugins/updraftplus/

    I’d suggest to run scan of your WordPress site if there are more infected files injected to your WP installation.

    Thanks,
    Harshad

    Plugin Author David Anderson

    (@davidanderson)

    Likely your site has been hacked. Once a site is hacked, hackers can inject their malicious files anywhere. (That’s how file permissions work; once you have access to the site, you can put files anywhere in it). They tend to drop files into locations belonging to popular plugins (because those are the locations likely to exist, so they hard-code a list of popular plugins in their code). You will want to fully scan your site for all signs of infection (as it’s rare that they just drop a single file in).

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.