Mysterious Install

Viewing 8 replies - 1 through 8 (of 8 total)
  • Thread Starter Simps

    (@simplesi)

    hmmm this is actually malware and not your version sorry.
    The plugin directory is called ‘wp-db-backup-made’ And the contents do not match yours. The ‘Readme’ is similar but different.
    When you click more details it brings you here to your plugin page.

    Good job I have not activated it.

    Time to contact the host and find out how they are doing this…

    I just discovered something similar. Did you find anything?

    This is happening to one of our websites as well. Can you list the theme and plugins that you are using?

    AdrianB

    (@adrianb)

    I’ve also see the “wp-db-backup-made” plugin on an hacked WP site I am cleaning up right now.

    AdrianB

    (@adrianb)

    Seems like a backdoor, if you try to access system.php in a browser you’re asked for a password. If I google “wp-db-backup-made” I see a lot of other sites that probably has this backdoor active…

    Joms

    (@jomsky)

    Yes it is. It could be a vulnerable plugin or theme. In my case it was the older version of the “Attachments” plugin that’s bundled with a theme we use. I updated it manually and now the problem no longer occurs. Make sure that your plugins/themes are up to date.

    There’s definitely some WordPress malware using the name of this plugin.

    Same here.. not sure which plugin is compromised on my site..

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Mysterious Install’ is closed to new replies.