Please can someone explain me what has been done of my website !!?????

  • Resolved ianmallet

    (@ianmallet)


    12 years, 10 months ago

    This is the image of what I see on my website !!

    This is the thing which I see on my wordpress website, which boasts components like “Bruteforce” and “String tools” and “Self remove” which makes me fear everytime I open the website

    Has my website been taken over by some hacker or something??

    Please if anyone can provide me with steps to get back my steps or throw some light over this thing it’ll be really very helpful

    I’m ready to read stuff and perform things myself, but the thing is I’m unable to find anything on search engines even and yeah I’m not a google-dork

    God give you great heavens !!!

Viewing 8 replies - 16 through 23 (of 23 total)

  • Now try actually reading some of the pages at those links. They are not preventive measures. They explain how to clean a hack out of your site.

    Thread Starter ianmallet

    (@ianmallet)

    There was some nasty code hidden in the plugins, though I haven’t yet found what plugin contained the code, I just renamed the plugins folder and it went away, all of it !!

    Thanks buddy, great help !!

    I’ll just install each plugin again and this time I’l take care I only install standard plugins and not from free filehosting websites…probably that was the cause of it

    I’l take care I only install standard plugins and not from free filehosting website

    Amen to that! ??

    Thread Starter ianmallet

    (@ianmallet)

    I’m sure this is over, but I just wanted to bring out the cause which is very surprising for me, I just tried renaming each plugin’s folder individually and shockingly it comes out to be akismet !!!

    Yes i’ve used the same API key everywhere, on my local system, and on my multiple websites, but I didn’t download the source, the plugin was just there when worpress was installed which obviously you know well.

    Strange, maybe the hack requires akismet to compile itself, that’s a bad idea, I know.

    it comes out to be akismet

    Sorry but it will not be an issue with the original Akismet plugin. Either it’s another plugin, the hack was elsewhere or the plugin’s files have been compromised by a hacker post-install.

    Thread Starter ianmallet

    (@ianmallet)

    I found that the original akismet.php in the akismet folder had been compromised, I don’t know how, but it was because I took it on my local server and when I tried to run the akismet.php it all loaded up !!

    https://pastebin.com/CrbRZt2E this small file of 23 KB made my day ??

    Pheew..I’m so relieved and happy finally !!!!!!!

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    I really don’t want to rain on your parade. But unless you delouse and close the doors that that attacker got in via, you’re going to have a repeat of this again.

    If you haven’t done so already, please go through those links Esmi provided you above.

    Thread Starter ianmallet

    (@ianmallet)

    Yes sure, I’ve tightened the security in every possible manner and I thank Esmi and you people for helping me out !!

Viewing 8 replies - 16 through 23 (of 23 total)
  • The topic ‘Please can someone explain me what has been done of my website !!?????’ is closed to new replies.