[NSFW] Japanese virus break in and traffic theft

  • Resolved procornershop

    (@procornershop)


    2 years, 2 months ago

    welcome

    I lost my previous API connection and I want to restore my data connection

    Website Malware & Security

    • Malware detected by scan (Critical Risk)
    • Injected spam detected?(Critical Risk)

    Website Blacklist Status

    I am suffering from entering a data breach and stealing my traffic. I will attach pictures to you in the Google Drive link. Watch the pictures of the breach

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @procornershop, thanks for reaching out.

    If you’re unable to repair the affected files being flagged in the scan, you may need to clean your site. I didn’t see a Google Drive link of the issue and don’t appear to have received an email recently containing your username or domain. However, there was an old diagnostic from August where the scan was reporting 0 issues at the time. Your site IP has not been blacklisted with us, although appreciate the domain has been flagged by McAfee at some point.

    So that you can act immediately if you can’t resolve the scan results or the problem keeps arising: https://www.wordfence.com/docs/how-to-clean-a-hacked-wordpress-site-using-wordfence/
    Make sure and get all your plugins and themes updated and update WordPress core too. If you are on an older branch (WordPress 4.x etc) because you wanted to wait before installing the latest version because of Gutenberg or a custom theme compatibility you still need the latest update in that version. Those can be found here:
    https://www.ads-software.com/download/releases/
    WordPress sometimes patches their older releases if they find a vulnerability so make sure to update your version if needed. We, of course, recommend that you update to the latest version.

    As a rule, any time I think someone’s site has been compromised I also tell them to update their passwords for their hosting control panel, FTP, WordPress admin users, and database. Make sure to do this.

    Additionally you might find the WordPress Malware Removal section in our free Learning Center helpful.

    If you are unable to clean this on your own there are paid services that will do it for you. Wordfence offers one and there are others. Regardless if you choose to clean it yourself or let someone else do so, we recommend that you make a full backup of the site beforehand.

    Thanks,
    Peter.

    Thread Starter procornershop

    (@procornershop)

    thank you

    In fact, I do not know how to fix my site now

    And I want a cleanup of Japanese infiltration

    I want to recover my license code and it includes the username

    Can you guide me with simple steps to delete harmful data and restore the site safely

    thank you

    Plugin Support wfpeter

    (@wfpeter)

    Hi @procornershop,

    The link above, especially the itemized lists further down the page under, “How to clean your hacked WordPress site with Wordfence” should provide you with the step-by-step process you need in order to diagnose and attempt to clean your site. Unfortunately the files that may be affected and overall solution are not likely to be the same with every attack/breach so require you to investigate using the pointers given on that page or within our Learning Center.

    Naturally, make sure to follow the general rules of updating the passwords for your site’s control panel, database and any administrative users of WordPress itself just in case that was one of the “ways in” originally used. It’s also good practice to take a full site backup beforehand, just in case you need to restore anything from it later.

    Thanks again,
    Peter.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘[NSFW] Japanese virus break in and traffic theft’ is closed to new replies.