Strange categories (Payday Loans Bitcoin News Trading Forex) appeared

  • Hi

    Today I noticed some strange categories on my WordPress recipe site. The categories (Payday Loans, Bitcoin News, Bitcoin Trading, Forex Trading) had no posts in them. They had just their names and their slugs, no additional info.

    I searched for the issue on the internet but could not find any other reports of it. So I tired Googling the names of the categories to see if there were other sites affected by the same thing. Actually there were others which contained the exact same categories although they were not Bitcoin, Forex or trading websites. There were healthcare websites among them, cafe blogs, lawyer websites, hotels, you name it.

    So I wanted to report it in case it was some new security issue so nobody is aware of it yet.

    P.S. I tried reporting it to HackerOne as suggested but it required me to log in as an hacker so I could not report the issue there.

    • This topic was modified 1 year, 11 months ago by Yui. Reason: moved to fixing wordpress
Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Yui

    (@fierevere)

    永子

    I guess there is nothing to be reported to HackerOne, at least until you figure out the intrusion vector, and for now check this article

    FAQ My site was hacked

    Thread Starter RoyalBunny

    (@royalbunny)

    Hi

    I don’t think my site was hacked. My hosting provider regularly checks for hacking attempts and I also check from time to time.

    What I fear is that this may be a vulnerability. I’m not claiming that it definitely is, it’s just I would appreciate it if someone who has the knowledge of the WordPress core could look into it.

    Hi @royalbunny
    It sounds like your WordPress site may have been hacked, and the hacker has added these categories to your site. The hacker may be using these categories as part of a larger scheme to spam or phish users or to gain search engine rankings for their purposes.

    To fix this issue, you should take the following steps:

    1. Change all your passwords for your WordPress site and any related accounts (such as your hosting account or FTP account). Use strong, unique passwords that are difficult to guess.

    2. Scan your site for malware using a tool like Wordfence or Sucuri. These tools can help identify and remove any malicious code that may have been added to your site.

    3. Make sure that your WordPress installation, themes, and plugins are all up to date. Outdated software can be vulnerable to attacks.

    4. Consider enabling two-factor authentication for your WordPress site to add an extra layer of security.

    It is also a good idea to keep an eye on your site and monitor for any further unusual activity. If you notice anything suspicious, take action immediately to protect your site and your users.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Strange categories (Payday Loans Bitcoin News Trading Forex) appeared’ is closed to new replies.