malicious WP installs?

BTW, a google search for “glkrgw” (as in the flowinmotion site) turns up many such files, all in wordpress installs.

Also, I am not associated with flowinmotion.at, nor annefrank.org.

I thought this might get some response.. compromised WP sites are a problem for all of us.

Can you post the URL of your site here?

My site? why?

if you do a google search for “glkrgw.html” or “rowcs.html” you will get lots of hits on both, and all files found are in wordpress run sites. These files don’t seem to have a legitimate function.

My site? why?

Unless you give your site URL, how do you think someone in the forum can tell you if you are infected or not?

if you do a google search for “glkrgw.html” or “rowcs.html” you will get lots of hits on both, and all files found are in wordpress run sites

Are you worried about your site or the sites of others? Do you know there are sites tailored to distribute viruses and for other nefarious activities?

I am not worried about my own site.

I’m worried because I got a 2 suspicious emails that sent me 2 URLs, both pointing to wordpress installs. I’m wondering if these are legit plugins, viruses, malicious plugins, or what?

I am not worried about my own site.

Then, are you worried about the sites of others? Is this post to remedy the problems of other sites infected with malware?

I’m trying to find out if sites that contain “glkrgw.html” or “rowcs.html” in their theme folder are infected. If they are infected, how to protect from such a threat?

There are many such sites, and little info that I can find.

Have you looked at this:

https://codex.www.ads-software.com/Hardening_WordPress

photocurio – The issue is that other people have been infected.

And … yes. It happens (sadly) quite often due to myriad reasons. We can’t prevent everything. Those people need to clean their servers up.