User name backup got created

  • Resolved iversa

    (@iversa)


    10 years, 8 months ago

    I just recently got hacked in two of my WordPress sites both with WordPress Premium installed. They manage to create new adminstrator usernames “backup”

    I only found out when I got an email from one site telling me that a username “backup” had logged in with administrator rights.

    It was good that I got the email but how was this posible for the hacker to create the backup username to begin with?

    https://ww.wp.xz.cn/plugins/wordfence/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author WFMattR

    (@wfmattr)

    10 years, 8 months ago

    Sorry to hear about the hack. There are a number of ways this can happen — sometimes through a plugin with a new vulnerability, outdated plugins/themes or core files (either on the same site or another site you have on the same hosting plan), file permission issues on shared hosting, or even a compromised password on your database user or hosting account.

    We have a guide for cleaning hacked sites, that explains more options in Wordfence you can use for deeper scans — they may take longer to run, but can help find additional questionable files:
    How do I clean my hacked site using Wordfence?

    If you have any questions on the files that it finds, make sure to keep a copy, and let us know here.

    -Matt R

    Thread Starter iversa

    (@iversa)

    10 years, 8 months ago

    Thanks for the info. I will check the link

    Plugin Author WFMattR

    (@wfmattr)

    10 years, 8 months ago

    Ok, great — if you have any questions on the files found in the scans, just let us know.

    -Matt R

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘User name backup got created’ is closed to new replies.