Hijacked php code

  • Resolved ChriStef

    (@christef)


    1 year, 5 months ago

    Hello,

    Firstly, I should say a big Thank you for your good plug-ins…

    Secondly, my server if hijacked by a malicious php code 2 weeks ago. Added to my add on domains folders. One is a pure WordPress and the other one a custom website with a custom WordPress folder installation. I was lucky to notice the hijacked code as something was wrong on my custom website as it didn’t append well so the normal html output was wrong. The pure WordPress is not noticeable the hijacked code.

    I’ve ninja firewall and scanner on both domains.

    I really think you should consider to give an eye on this and maybe you could protect others.

    Zip files with hijacked code = [link to malware redacted by moderator]

    Thanks for your consideration. I would be great full for any insides. Please inform me when you download the file, so I can delete it.

    Take care,

    Christos.

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author nintechnet

    (@nintechnet)

    They are the usual files that hackers upload.
    How did they get access to the site? That’s the most important part.
    Did you check your logs? Did you have a vulnerability in a plugin? Or they stole a password?

    Thread Starter ChriStef

    (@christef)

    I’m not sure yet, I’m still investigating it but I suppose by cpanel vulnerability or main password leak. All domain folders had the injected php code… Even the non WordPress once.

    The malicious code just serve for crawling bots other websites products and info. Google is messed up with those info, I think is not to bad.

    Thanks for your consideration.

    • This reply was modified 1 year, 5 months ago by ChriStef.
Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Hijacked php code’ is closed to new replies.