Title: Plugin or virus?
Last modified: September 13, 2023

---

# Plugin or virus?

 *  Resolved [tfcgomy](https://wordpress.org/support/users/tfcgomy/)
 * (@tfcgomy)
 * [2 years, 8 months ago](https://wordpress.org/support/topic/plugin-or-virus/)
 * Hello,
 * just a short question, because I am a little bit in sorrow (because my website
   was hacked some months ago).
 * I got the note from NinjaFirwall, that “it has detected the following activity
   on your account:
 * -Plugin uploaded
   -Name: aioseoextensions.zip-User: xxx (administrator)-Date: 
   September 12, 2023 @ 02:50:42 +0200″
 * I’m sure that it was not me, who uploaded the plugin. And I would be happy if
   someone knew what happened here.
 * Thank you very much in advance!!!
 * Petra
 * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fplugin-or-virus%2F%3Foutput_format%3Dmd&locale=en_US)
   to see the link]_

Viewing 1 replies (of 1 total)

 *  Plugin Author [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * (@nintechnet)
 * [2 years, 8 months ago](https://wordpress.org/support/topic/plugin-or-virus/#post-17050048)
 * Someone logged in as an administrator and uploaded that file. If it wasn’t you,
   consider scanning your site immediately : [https://wordpress.org/plugins/ninjascanner/](https://wordpress.org/plugins/ninjascanner/)
 * Also:
    - Change your admin password.
    - Make sure no new admin accounts were created.
    - Look for a “/wp-content/plugins/aioseoextensions/” (or similar) folder .
    - Check the firewall’s log and search for that admin in it. Do you see it?
    - Consider enabling the “NinjaFirewall > Login Protection” and set it to “Username
      + Password” and “Always enabled”.

Viewing 1 replies (of 1 total)

The topic ‘Plugin or virus?’ is closed to new replies.

 * ![](https://ps.w.org/ninjafirewall/assets/icon-256x256.png?rev=976137)
 * [NinjaFirewall (WP Edition) - Advanced Security Plugin and Firewall](https://wordpress.org/plugins/ninjafirewall/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/ninjafirewall/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/ninjafirewall/)
 * [Active Topics](https://wordpress.org/support/plugin/ninjafirewall/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/ninjafirewall/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/ninjafirewall/reviews/)

 * 1 reply
 * 2 participants
 * Last reply from: [nintechnet](https://wordpress.org/support/users/nintechnet/)
 * Last activity: [2 years, 8 months ago](https://wordpress.org/support/topic/plugin-or-virus/#post-17050048)
 * Status: resolved