rogerpoole
Forum Replies Created
-
Hi all. Attacked again. Here’s a few of the notes on the infected files.
• f649 infection
• Possibly malicious lambda function
• Many c99 variants including NFM, Perl, Predator, CTT, r57 and Redhatc99
I did a search on the f649 infection and ultimately came to a story about the Darkleech and the hosting company. GoDaddy. Apparently GoDaddy has had issues with this for years.
This is a root level infection that needs to be addressed by the host company, but when my client called they wanted to sell her a security service (basically SSL) for $150 year.Can anyone guide me as to what might be in the log files that might prove Darkleech is active? Looking for something I can send the host support and get an acknowledgement of the problem.
Also, moving this site to a different host as soon as the client is back from vacation.
Ha! Sorry MountainGuy. I’ve basically passed the infected files to the WordFence crew to review. I’m sure the next filter will have an even better focus on the Pak Haxor hacking.
Resolved.
Forum: Fixing WordPress
In reply to: website name doesn't come up on googleIt might take up to 6 months. Google sand boxes new sites to avoid dealing with spammers. Give it time.
Forum: Plugins
In reply to: NextGEN Gallery — Site Launch killed pluginNever mind! Found it!
The path to the image rotator was mudged.