Mobile site hijacked

  • At the outset I would like to state that I am just an amateur running the website of a small organization for about 2 years. I have little knowledge of codes and usually gets things done using WYSIWYG interfaces. I would appreciate some help with an issue I am currently facing.

    If this is not the right place for posting such issues, kindly redirect me to an appropriate area.

    Recently, I noticed that my website is displaying a random page (actually an advertisement) ONLY when visited on a mobile. The desktop site is fine even when viewed simultaneously.

    I am not able to figure why this issue is occuring.

    I would like to make the following things clear:

    (1) I don’t think my password has been hacked because:
    (a) Both my username and password are very complicated and generated using a password manager (24 characters, Quality: 175 bits). There is no way that they could have been breached by a brute force attack. Also, I am always careful and I am pretty sure that I have not been phished into giving them.
    (b) I usually get login alerts for every login. I have not seen any suspicious login alert so far.
    (2) My mobile site is NOT redirected. I could see the URL of my home page on the address bar. Only what is displayed on the page has got changed.
    (3) The issue is occurring intermittently. Again, I do not know why.
    (4) It is not related to a particular mobile device and occurs when viewed with any device.

    In my opinion, it is a rogue plugin which does it.

    However, I would like to take the advice of more experienced users here.

Viewing 3 replies - 1 through 3 (of 3 total)

  • Hi, this sounds like you might have malware on your site. The reason you’re not seeing the ad on desktop is probably because of an adblocker.

    I would install a security plugin like Sucuri and do a high-sensitivity scan of your site. I’m also linking WordPress standard procedure for hacked sites.

    Note: hacked does not have to be through giving out your password. A hacker could have brute forced your FTP or found a vulnerability on your site.

    Thread Starter Bradex

    (@bradex)

    Thank you!

    I’ll do as you suggested.

    We recently handled several infection cases where redirection occured for specific types of devices. In all cases this redirection came either from PHP files modification or Javascript code injection into WordPress database.

    It is worth to perform internal (server side) scan of your site (WordPress provides multiple server side scanners), verify integrity of WordPress core files and investigate content of database tables.

    Please go over installed plugins and disable/remove unused.
    There is a big chance that this infection injected via some vulnerable plugin.

    [Signature redacted]

    • This reply was modified 6 years, 2 months ago by Andrew Nevins.
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Mobile site hijacked’ is closed to new replies.