About the get_data_ya malware
-
Hello!
I found that malware script in a blog of a friend.
As you told here https://www.ads-software.com/support/topic/global-zeeta-not-being-found-by-gotmls/, the script was generated in a single file (/wp-includes/header.php) but also in every function.php within my themes (master and child).
Not sure if you need the code (I can send it to you).
Also I found a class-wp-http-netfilter.php file full of IP addresses, but nothing on the files that requires it… probably they went in, used a script, removed it and left the ip list and the infected files.Does your plugin recognize this kind of malware? (I’m doing a scan, but probably I was faster and I found all the occurrences)
Thanks a lot!
- The topic ‘About the get_data_ya malware’ is closed to new replies.