How to fix WordPress Malware Script Attack

September 19, 2012 — Leave a comment

Recently we were working on some wordpress site on a shared hosting around 5 of them are hosted in a same account. As the changes are minor we planned to use Direct FTP access to site and update. everything was superfine for the first few hours.

After some hours our site went down. WordPress white screen of Death the famous. Ahh.. We wonder.

We had made a detailed study on the code. It didint took much longer to identify the malicius code. It was something like

eval(base64_decode(“DQplcnJvcl9yZXBvcnRpbmcoMCk7DQ…” ));

We fixed and re-upload again the same. After that we figured out that all the .php files are affected. Some files are more than once being injected the same code.




No Comments

Be the first to start the conversation.

Leave a Reply

Text formatting is available via select HTML. <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>