Title: [Plugin: BackWPup] infected files! Last modified: August 20, 2016 --- # [Plugin: BackWPup] infected files! * [rverrecchia](https://wordpress.org/support/users/rverrecchia/) * (@rverrecchia) * [14 years, 6 months ago](https://wordpress.org/support/topic/plugin-backwpup-infected-files/) * My hoster sent me an advice that this plugin have infected files. * I try to deleted the plugin and reinstall it from wordpress repository but I have always the same problem. * The infected files: ====================== /wp-content/plugins/backwpup/pages/ page_backwpupsettings.php /wp-content/plugins/backwpup/pages/func_backwpupeditjob. php /wp-content/plugins/backwpup/pages/page_backwpups /wp-content/plugins/backwpup/ pages/func_backwpupeditjob.phpettings.php * [http://wordpress.org/extend/plugins/backwpup/](http://wordpress.org/extend/plugins/backwpup/) Viewing 9 replies - 1 through 9 (of 9 total) * [Mark (podz)](https://wordpress.org/support/users/podz/) * (@podz) * [14 years, 6 months ago](https://wordpress.org/support/topic/plugin-backwpup-infected-files/#post-2413496) * Please contact the plugin author directly and give them _every possible detail_. His site is [http://danielhuesken.de](http://danielhuesken.de) * Plugin Contributor [Daniel Hüsken](https://wordpress.org/support/users/danielhuesken/) * (@danielhuesken) * [14 years, 6 months ago](https://wordpress.org/support/topic/plugin-backwpup-infected-files/#post-2413558) * Hello, * can you send me the advice, because i don’t kow anythng about a infect. * Thread Starter [rverrecchia](https://wordpress.org/support/users/rverrecchia/) * (@rverrecchia) * [14 years, 6 months ago](https://wordpress.org/support/topic/plugin-backwpup-infected-files/#post-2413562) * I paste here: * > Hello, > We have received an Maldet report regarding your resold accounts > ***** and**** > and below are the infected files and as of now I have just disabled the files > and please delete these files from your end or else we will be deleting it > when we get the next report. ====================== /wp-content/plugins/backwpup/ > pages/page_backwpupsettings.php /wp-content/plugins/backwpup/pages/func_backwpupeditjob. > php /wp-content/plugins/backwpup/pages/page_backwpups/ /wp-content/plugins/ > backwpup/pages/func_backwpupeditjob.phpettings.php > ====================== > Please make sure that all the files and folders are > checked under the account and will not contain any kind of MALWARE contents. > In failure of doing the same, account may be suspended. > And also Please upgrade all the Applications/Softwares that you are using to > the latest version. > Let us know if you need any further assistance. > Regards, > **** * [Mark (podz)](https://wordpress.org/support/users/podz/) * (@podz) * [14 years, 6 months ago](https://wordpress.org/support/topic/plugin-backwpup-infected-files/#post-2413571) * rverrecchia – email the developer through their site. This conversation – if there is a problem the author needs to know about – is not suitable for public viewing. Give the developer a chance before damning his work in public. * Thread Starter [rverrecchia](https://wordpress.org/support/users/rverrecchia/) * (@rverrecchia) * [14 years, 6 months ago](https://wordpress.org/support/topic/plugin-backwpup-infected-files/#post-2413576) * I wrote to the developper and he answer here… I don’t want to damning his work. Daniel you can write me an email if you prefer. * [sonja_and_andy](https://wordpress.org/support/users/sonja_and_andy/) * (@sonja_and_andy) * [14 years, 6 months ago](https://wordpress.org/support/topic/plugin-backwpup-infected-files/#post-2413689) * One of my blogs was hacked last week. I am almost certain that the backwpup exploit that was discovered recently was used. * While the developer might not think it is suitable for public viewing, I think the affected users should know, you can read more about it on * [http://www.exploitsearch.net/?q=%22SECUNIA%2043508%22](http://www.exploitsearch.net/?q=%22SECUNIA%2043508%22) [http://lists.virus.org/sec-adv-1110/msg00152.html](http://lists.virus.org/sec-adv-1110/msg00152.html) and [http://www.exploit-db.com/exploits/17987/](http://www.exploit-db.com/exploits/17987/) * This is the 3rd security hole in backwpup in a year. I’m not happy about this. I spend the entire Thanksgiving day cleaning everything off and closing all the back doors. * Plugin Contributor [Daniel Hüsken](https://wordpress.org/support/users/danielhuesken/) * (@danielhuesken) * [14 years, 6 months ago](https://wordpress.org/support/topic/plugin-backwpup-infected-files/#post-2413692) * Did you have made a update for BackWPup ? * [sonja_and_andy](https://wordpress.org/support/users/sonja_and_andy/) * (@sonja_and_andy) * [14 years, 6 months ago](https://wordpress.org/support/topic/plugin-backwpup-infected-files/#post-2413694) * I updated it on 10/27 * Yesterday and today I looked at the server logs, files from the backwpup package were accessed directly from unknown ip addresses so I deleted the whole backwpup plugin rather than updating again. * In the end I don’t think the source of the hack was backwpup, sorry about posting a bit prematurely, but backwpup was the first thing that stood out in the logs, and then googling it immediately brought up the pages I linked to in the post above. * Plugin Contributor [Daniel Hüsken](https://wordpress.org/support/users/danielhuesken/) * (@danielhuesken) * [14 years, 6 months ago](https://wordpress.org/support/topic/plugin-backwpup-infected-files/#post-2413695) * sorry, i have checked the Reports and if you made Update to 2.1.6, i thnik, all is fixed. Viewing 9 replies - 1 through 9 (of 9 total) The topic ‘[Plugin: BackWPup] infected files!’ is closed to new replies. * ![](https://ps.w.org/backwpup/assets/icon-256x256.png?rev=3236141) * [BackWPup – WordPress Backup & Restore Plugin](https://wordpress.org/plugins/backwpup/) * [Support Threads](https://wordpress.org/support/plugin/backwpup/) * [Active Topics](https://wordpress.org/support/plugin/backwpup/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/backwpup/unresolved/) * [Reviews](https://wordpress.org/support/plugin/backwpup/reviews/) * 9 replies * 4 participants * Last reply from: [Daniel Hüsken](https://wordpress.org/support/users/danielhuesken/) * Last activity: [14 years, 6 months ago](https://wordpress.org/support/topic/plugin-backwpup-infected-files/#post-2413695) * Status: not resolved