Hacked, or vulnerable? Plugin is sending out email

  • Resolved quantazelle

    (@quantazelle)


    6 years, 10 months ago

    I installed the free version, but my email service was shut down by my host. So it appears that this plugin is sending spam emails.
    An example of the logs:

    2018-04-24 15:06:29 cwd=/home/iNNN5/public_html/qNNN.com/wp-content/plugins/audioigniter 4 args: /usr/sbin/sendmail -t -i [email protected]
    2018-04-24 15:06:29 cwd=/home/iNNN5/public_html/qNNN.com/wp-content/plugins/audioigniter 4 args: /usr/sbin/sendmail -t -i [email protected]
    2018-04-24 15:06:29 cwd=/home/iNNN5/public_html/q—.com/wp-content/plugins/audioigniter 4 args: /usr/sbin/sendmail -t -i [email protected]
    2018-04-24 15:06:29 cwd=/home/iNNN5/public_html/qNNN.com/wp-content/plugins/audioigniter 4 args: /usr/sbin/sendmail -t -i [email protected]
    2018-04-24 15:06:29 cwd=/home/iNNN5/public_html/qNNN.com/wp-content/plugins/audioigniter 4 args: /usr/sbin/sendmail -t -i [email protected]

    Do you have any idea why this is?

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi @quantazelle,
    AudioIgniter doesn’t have anything to do with emails, so you should assume that your hosting account has been somehow compromised.

    If you don’t how to handle the situation, this is a good summary.

    Compare/diff the files of audioigniter on your server with the ones served by www.remarpro.com and you should see that the ones on your server are different, most probably bigger in filesize.

    Please note that re-installing audioigniter, most probably won’t be enough. Almost always, the viruses/remote shells/malware or whatever they are called, affect multiple files all over your account’s files, so you need to be certain every trace of the “virus” has been removed (and all passwords changed, of course).

    Thread Starter quantazelle

    (@quantazelle)

    Thank yoU!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Hacked, or vulnerable? Plugin is sending out email’ is closed to new replies.