1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Malicious PHP injections on Wordpress

Discussion in 'BlackHat Lounge' started by unknowingly, May 31, 2017.

  1. unknowingly

    unknowingly Junior Member

    Joined:
    Sep 20, 2013
    Messages:
    140
    Likes Received:
    46
    Hi guys,

    I've noticed my sites are injected with malicious PHP which would drive users to porn pages. Do you know how to solve it? I keep removing the PHP files and all related images but it still appears.

    Recently, I installed Wordpress on a new domain and it is also infected. Would really appreciate some help. My Adsense has tanked from $100 to $1 a day.
     
  2. soccerlover

    soccerlover Jr. VIP Jr. VIP

    Joined:
    Jun 12, 2014
    Messages:
    3,199
    Likes Received:
    1,683
    Gender:
    Male
    Occupation:
    Seo Analyst :D
    Location:
    ♥♥♥ BHW ♥♥♥
    Home Page:
    Check your .htaccess file.

    There would be code of infected mobile version porn site.

    Please clear it and check the permissions for your theme,plugin and other directories.
    Often this issue arrive from plugin, hackers usually target some xyz plugin and then spread this sort of malwares.

    If you want me to check your site, give your ftp credentials in PM.
    I'll do it for free :)
     
    • Thanks Thanks x 1
  3. iamsolo

    iamsolo Power Member

    Joined:
    Jul 13, 2014
    Messages:
    538
    Likes Received:
    327
    Gender:
    Male
    First remove adsense code otherwise you'll lose your account.
    Export your data to xml and uninstall and reinstall wordpress.
    Donot use pirated themes/plugins.
     
    • Thanks Thanks x 1
  4. manolo12399

    manolo12399 Senior Member

    Joined:
    Jan 3, 2009
    Messages:
    1,044
    Likes Received:
    185
    go it too, check plugins, and function file, scan the site with wordfence plugin too, some more expert can give you better ideas...depends how complaicate and customized is your site