Malware in wp-admin/_db_backups

Viewing 3 replies - 1 through 3 (of 3 total)

  • Hello rrosenthal,
    If I am to guess what happened here it is that at some point you had a visit where that URL was inserted as a referrer and when your database was saved for backup it included a log record of this visit. Then you did a full scan on your site which included this database backup file.

    If you want to know for sure, open that .sql file in a regular text editor like notepad and search for “sdi-apps” in the file. You should then be able to figure out in what part of the database the URL was stored. Hopefully and likely just in a log.

    Thread Starter rrosenthal

    (@rrosenthal)

    The URL appears to be in a section of the database with many links … some related to WP, others about news seemingly unrelated to WP. Almost appears like an rss feed.

    Hello rrosenthal,
    can you see what name is of the database table?

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Malware in wp-admin/_db_backups’ is closed to new replies.