think my site was hacked
-
I received this message from my host provider:We received the following reports against your domain, please take the appropriate steps to resolve the reports and prevent future instances:
[ SpamCop V4.8.1.007 ]
This message is brief for your comfort. Please use links below for details.Spamvertised web site: https://nightstandnovels.com/gashisotropy/
https://www.spamcop.net/w3m?i=z6075594862z6dd4bac21bad68de01c3bca4b899a9c2z
https://nightstandnovels.com/gashisotropy/ is 199.167.28.60; Thu, 13 Feb 2014 15:58:14 GMT[ SpamCop V4.8.1.007 ]
This message is brief for your comfort. Please use links below for details.Spamvertised web site: https://nightstandnovels.com/phytoplanktonaseptic/
https://www.spamcop.net/w3m?i=z6075405768z09969fd47598fcd2e8f16a49401a3f89z
https://nightstandnovels.com/phytoplanktonaseptic/ is 199.167.28.60; Thu, 13 Feb 2014 10:00:59 GMT[ Offending message ]
Return-Path: <[email protected]>
Delivered-To: x
Received: (qmail 27572 invoked by uid 0); 13 Feb 2014 09:58:40 -0000
Received: from unknown ([10.170.1.115])
(envelope-sender <>)
by qmail27.zonnet.nl (qmail-ldap-1.03) with QMQP
for < >; 13 Feb 2014 09:58:40 -0000
Delivered-To: CLUSTERHOST mail3.versatel.nl x
Received: (qmail 32258 invoked by uid 0); 13 Feb 2014 09:58:34 -0000
Received: from unknown (HELO eu-1mzmkm5uubno) ([89.122.200.230])
(envelope-sender <[email protected]>)
by mail3.versatel.nl (qmail-ldap-1.03) with SMTP
for < >; 13 Feb 2014 09:58:34 -0000
Received: (from root@localhost) by mail0.galiciajewishmuseum.org (8.11.3/8.11.3)
id k2V3OhN97029; Thu, 13 Feb 2014 09:58:40 -0200 (PDT envelope-from root)
Date: Thu, 13 Feb 2014 09:57:43 -0200
Message-Id: <8511_________________hYZC@monsoon>
X-Mailer: phpmailer [version 1.41]
X-BeenThere: [email protected]
X-Kaspersky: Checking
Content-Type: text/plain; charset=”us-ascii”
Content-Transfer-Encoding: 7bit
To: <x>
From: “Former Child Star Shirley Temple Dies” <[email protected]>
Subject: Reese Witherspoon Stuns In A Little Black Dress
X-Antivirus: AVG for E-mail 2014.0.4259 [3697/7088]
X-AVG-ID: ID3E717596-69C8648BFormer Child Star Shirley Temple Dies
https://nightstandnovels.com/phytoplanktonaseptic/If you can’t click the above link, move this email to your inbox and then click!
These links should not be a part of my site. His suggestion:
contacting WordPress support on the appropriate steps to take to secure your website and fix the exploits. At this point, changing your passwords may not be enough since the hacker most likely has access to an exploit in your WordPress install.I have no clue about all of this. I’m a novice I did a search and someone suggested to another user to look for an addition to their index.php and header php files but the addition wasn’t in my files. I have no clue what to do. WHen I looked at stats and saw my top pages I do see a click1.php and a click2.php which should not be there. all of the other top pages are recognizeable to me except those two. when I clicked them from cpanel it just opens to a blank page. any help on where to begin or steps to get rid of this willbe helpful.
I’m a super novice at this. thanks!
- The topic ‘think my site was hacked’ is closed to new replies.