Auto Generation of Spam URL after Updating WordPress 4.9.4

It looks like you’ve been hacked ??

Remain calm and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

Thank you, Laken Hafner for your reply.

Actually I got an email from hosting provider on February 13th that the files are getting infected with virus attacks.Then I cleaned them right away.

Then I checked that worpress is not updated automatically with latest version of WP-4.9.4. So I updated that too. Since that day, these files are getting created, there are 1850 files are generated in last 20 days.

So, Can I reupload all the initial files and folders of previous backup back to February 01 2018, so that it will remain safe?

• This reply was modified 6 years, 8 months ago by kuldeeppatnaik.

WordPress hackers are quite tricky. The obviously malicious files (the ones that your host found, and you removed) are able to be removed without removing the infection. The hackers plant various “backdoors” on your site, usually in multiple places, which allow them to reinfect your site. Restoring from backup is probably your best solution. If possible, I’d even try and go a bit further back than Feb 1st, because a lot of hackers like to let the site with backdoors added “sit” for a period of time, before doing an obvious detectable hack.