Unknown admin account? Is my site hacked?
-
Hello! Possibly a stupid question…
Short while ago my Wordfence -plugin gave alarm about unknown admin-account, which by Wordfence, was created outside of WordPress. Account name was: “Administrator”, role: admin/superuser, email: “[email protected]”.
Is this some new feature of WordPress, something created by plugins, or is my site hacked? Is this a faux account which pretends to be official WP support profile, so it would appear more reliable?
I deleted the account, but it keeps appearing back. Latest thing I did, is I changed the role of the account to susbcriber (I’m not sure is the name correct, I have finnish language localization). But I mean I changed the role to lowest level role. For now, it has remained like that.
I did run Wordfence scan and some on-line malware scans. None had found any malware or any other suspicious activity. Wordfence didn’t found file changes either.
I also looked uploads-folder, but I didn’t found anything suspicious. And I looked root folder and wp-admin folder, and didn’t see anything that I would straight away find suspicious.
Unknown admin-account is only weird thing. Site is working normally. And I can log in and operate all administrative tasks normally.
Anyone know what this is about.
Thanks.
Kalle
edit: typo.
- The topic ‘Unknown admin account? Is my site hacked?’ is closed to new replies.