Malware entry: MW:JS:GEN2

Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter lukeoko

    (@lukeoko)

    description again here: https://kb.sucuri.net/malware/encoded-javascript

    Plugin Author WFMattR

    (@wfmattr)

    A good way to clean the site and try to find where the link is coming from, is this guide:
    How do I clean my hacked site using Wordfence

    This uses a feature in Wordfence that scans for more potentially malicious patterns, but it may also find some files that are ok (false positives). If Wordfence shows files where you are not sure if they are bad or not, you can also send them to samples [at] wordfence.com.

    Often scripts like this are added to the theme’s header.php — if you find that code in header.php, you can also send it to the address above. (Reinstalling your theme should fix it temporarily, but the longer process is necessary to find where the attacker came in.)

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Malware entry: MW:JS:GEN2’ is closed to new replies.