WordPress Security – HACKED

  • BURROW5

    (@burrow5)


    9 years ago

    Had an email from google saying new owner for my website. Logged in to web master tools and two html files were showing – checked website root and they were in there. Hackers had claimed ownership of the website, and had verified themselves as the owners through google.

    Deleted the two html files from the root, also reverted index.php and sitemap.xml as full of references to [redacted].

    index.php…


    [Moderated: hacked code deleted]

    sitemap file also contained thousands of bogus url’s.

    This happened I think around 18th May 2017, and having looked at the activity plugin I can see a core update for the wordpress version stating “WordPress Auto Updated” by IP address 143.95.147.232 on 17th May @ 12:21:35 am.

    That IP traces back to a company called Colo4, LLC (it’s static and the company details are shown below):

    http://whatismyipaddress.com/ip/143.95.147.232
    https://www.bloomberg.com/profiles/companies/3680829Z:US-colo4-llc

    I have changed all passwords including wordpress, hosting and web master tools and will be updating to the latest version of WP. Current version is 4.5.9.

    Thoughts?

Viewing 1 replies (of 1 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Volunteer Forum Moderator

    9 years ago

    Take a deep breath and carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you’re unable to clean your site(s) successfully, there are reputable organizations that can clean your sites for you. Sucuri and Wordfence are a couple.

Viewing 1 replies (of 1 total)

The topic ‘WordPress Security – HACKED’ is closed to new replies.