Fake Plugin

  • dawnadmin

    (@dawnadmin)


    2 years ago

    I received an email from Securi saying my admin account had installed a plug in the day before yesterday, but I had not done so. Email is as follows

    Event: Plugin Activated
    Website:?XXXXXXX
    IP Address: 185.4.64.107
    Reverse IP:?meridian72.ru
    Date/Time: 02/07/2023 3:45 pm
    User: XXXXXX

    Message: Plugin activated: Ecibyhu (v1.9.0; ecibyhu/ecibyhu.php)

    I can not find any information about this plugin. I can’t see it in the list of plugins. I can see it in the plugin list that Securi provides but I am unable to do anything with it. I just wanted to be sure it had nothing to do wit hWP Core before I assume I have been hacked.

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘Fake Plugin’ is closed to new replies.