1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

My Wordpress site - compromised?

Discussion in 'Web Design' started by rancidricky, Feb 7, 2017.

  1. rancidricky

    rancidricky Registered Member

    Joined:
    Feb 1, 2016
    Messages:
    76
    Likes Received:
    37
    Hey guys,

    I've not checked my email for the last few days and have come back to find an email from iThemes security prompting me to update my wordpress version (I logged on and checked, it is up to date).

    But I also received several emails from my wordpress email ([email protected]..) to my personal email which is with mail.com which has blocked them and says they contain a virus... I've never experienced this before...

    does anyone know what this might be, or have suggestions on what to do?

    My thought was that because i can still login fine it might have been hacked and used to send malicious emails?

    Really appreciate any ideas :)
     
  2. TyperX

    TyperX Jr. VIP Jr. VIP

    Joined:
    Nov 2, 2013
    Messages:
    101
    Likes Received:
    16
    yes it could be hacked that way. Try also site:domain.com to see if any subpages are added
     
    • Thanks Thanks x 1
  3. rancidricky

    rancidricky Registered Member

    Joined:
    Feb 1, 2016
    Messages:
    76
    Likes Received:
    37
    Thanks for the input.
    I checked and didn't find any odd new pages
     
  4. ttmschine

    ttmschine Regular Member

    Joined:
    Mar 27, 2013
    Messages:
    408
    Likes Received:
    187
    There's been a big attack on wordpress recently - could be you were caught up in it - see sucuri blog for details
     
    • Thanks Thanks x 1
  5. rancidricky

    rancidricky Registered Member

    Joined:
    Feb 1, 2016
    Messages:
    76
    Likes Received:
    37
    Can anyone who has knowledge of this security stuff recommend a course of action? Can't see any new pages added, same password still works... if I change my password am I in the clear? But I dont know how the infected emails came about :/
     
  6. I know SEO

    I know SEO Marketplace Mod Moderator

    Joined:
    Nov 29, 2012
    Messages:
    15,824
    Likes Received:
    6,131
    Moved to Web Design.
     
  7. thisisnotadrill

    thisisnotadrill Newbie

    Joined:
    Feb 9, 2017
    Messages:
    26
    Likes Received:
    1
    Gender:
    Male
    A wordpress site of mine was hacked recently. The hacker accessed my mailbox and sent 100,000's of emails, my mail folder located on my shared hosting account filled to capacity and the website was inaccessible. It was quicker for me to reset the whole thing (i.e. clear my public_html folder and refresh my cPanel) than delete 100,000's of files from a remote server. and then upload the whole thing again (lucky I had a local copy).

    If you upload your website via FTP then go to your mail folder which will be located at the root of your domain and see if any of the folders within that directory are filled with amass of strange files.

    It may also be worth checking your sent box from your domains mail box to check activity.

    If you can, it will be worth backing up your website now if you do not have a recent copy.
     
  8. thisisnotadrill

    thisisnotadrill Newbie

    Joined:
    Feb 9, 2017
    Messages:
    26
    Likes Received:
    1
    Gender:
    Male
    AND If you have not already changed your password do it now.
     
  9. SnoopyDrew

    SnoopyDrew Senior Member

    Joined:
    Jun 25, 2014
    Messages:
    1,146
    Likes Received:
    623
    Gender:
    Male
    Occupation:
    Affiliate Marketing And SEO
    Location:
    Oregon
    I suggest downloading WordFence, its a plugin for your wordpress and scans the whole site for malware and other harmful viruses.
     
  10. malayguru

    malayguru Regular Member

    Joined:
    Oct 29, 2012
    Messages:
    268
    Likes Received:
    42
    Gender:
    Male
    Occupation:
    Entrepreneur
    Location:
    Singapore
    there is a lot of hacktivity recently due to vulnerabilities in wordpress 4.7 and 4.7.1
    please update ur wordpress site to 4.7.2 and those vulnerabilities will be patched
    lastly, please install wordfence plugin, it helps to protect ur site.