Update: Hacker used some method to replace core WordPress index.php file…
I can’t access anon.digital, the domain does not exist.
Typo on the domain – but already fixed. There was a backup copy of WordPress on the same server. We believe the attacker leveraged this to break in and then change the index.php file of the core WP install. This has been deleted. If there are further issues will let you know.
If you did not enable them yet, consider enabling the File Guard and File Check options.
If it’s a local attack, i think NF can’t stop it.
It’s shared hosting’s problem.
