Malware? Strange folder created in public_html

July 17, 2019, 7:11 am

≫ Next: Account, website, all disappeared

I activated your plugin and configured it and everything went amazingly well. Your plugin did exactly as as promised!

The only thing is my malware scanner was activated saying core files have been altered.
A new folder simply entitled ‘s’ has been created in my public_html folder. Inside are strange files and another folder called ‘loaded’

Everyday since activating your plugin new files are being added to this new ‘s’ folder daily.

I then deactivated your plugin and the new files creations stopped.

I’m afraid to reactivate your plugin because I don’t know why its creating these new files.

What are they?

↧

Account, website, all disappeared

July 18, 2019, 5:29 pm

≫ Next: Hijacks your site with obtrusive pop-ups

≪ Previous: Malware? Strange folder created in public_html

Hi everyone;

Here I am asking for your opinion and help.

Here the facts:
– tryint to pay my 2019 fees, website is disappeared
– provider let me know website was shut down cause of malware links
– I try to access to wordpress but I don’t exist there anymore
– nor my email seem to be associated anymore to anything or worpress.

Some ideas, suggestions?

Thanks a lot!

↧

Hijacks your site with obtrusive pop-ups

July 19, 2019, 1:12 am

≫ Next: Changes PHP & JS

≪ Previous: Account, website, all disappeared

I had to remove this plugin. PropellerAds does not offer banner ads, they only serve pop-up and push ads which divert traffic from your site. Some ads even try to prevent visitors from returning to your site. You will lose most if not all of your visitors if you go with PropellerAds.

↧

Changes PHP & JS

July 23, 2019, 2:55 am

≫ Next: Website Hacked? Malware Redirect.

≪ Previous: Hijacks your site with obtrusive pop-ups

Hello,

I’m not sure if the changes in php and js after the last update are malicoous or not. Is there somewhere a documentaion in detail, what changed in the code from one update to the other?

↧

Website Hacked? Malware Redirect.

July 26, 2019, 4:36 pm

≫ Next: “cloudfront.net” Malware on my site

≪ Previous: Changes PHP & JS

I really hope to get some help with details on how to resolve this problem. It doesn’t happen often but it has occurred sporadically when I clicked the link from my yelp page and google search results page. I am getting directed here:

https://datingsuperchoice1.com/?u=d29pte4&o=vxukbbp&t=cat3_20_428102cc7a090702dbfd

Has only happened on my pixel 3, chrome mobile. Have not seen it on other devices/computers. Spent an hour with Google support to scan and delete my apps/browser data etc.

↧

“cloudfront.net” Malware on my site

July 30, 2019, 5:35 am

≫ Next: “cloudfront.net” Malware on my site/plugin/fb page

≪ Previous: Website Hacked? Malware Redirect.

Hi, some visitors to my site tell me that by clicking on the Facebook posts addressed to my site they are directed to the “cloudfront.net” site. With announcements like “Congratulations, you’re selected as a lucky user today”.

I scanned with “Anti-Malware Security and Brute-Force Firewall” and found no problems on my WordPress web site.

Do you know if it’s just a problem of infected smartphones or are there any malware infecting our sites?
The malware was reported by more different visitors.

Thanks for your help

Screenshot

↧

“cloudfront.net” Malware on my site/plugin/fb page

July 30, 2019, 5:38 am

≫ Next: WordPress getting hacked

≪ Previous: “cloudfront.net” Malware on my site

Hi, some visitors to my site tell me that by clicking on the facebook posts addressed to my site they are directed to the “cloudfront.net” site. With announcements like “Congratulations, you’re selected as a lucky user today”.

I scanned with “Anti-Malware Security and Brute-Force Firewall” and found no problems on my VPS.

I’ve never had problems like this before installing your plugin for automatic publishing on my Facebook page

Do you know if it’s just a problem with infected smartphones or are there any malware that infects our sites/plugins or Facebook pages?
The problem was reported by more visitors

Thanks for your help

↧

WordPress getting hacked

August 3, 2019, 6:03 am

≫ Next: Help: rogueads.unwanted_ads

≪ Previous: “cloudfront.net” Malware on my site/plugin/fb page

My wordpress installation is hacked. i had few websites hosted in shared cpanel. i updated wp, replace old file,plugin with new files but i see new spam post being made automatically. These spam posts have no authors.

also lots of .php files created all over the server.

↧

Help: rogueads.unwanted_ads

August 5, 2019, 8:58 am

≫ Next: Malware – PHPmailer

≪ Previous: WordPress getting hacked

So I have installed your plugin and I am not 100% if it has fixed the issue.

Because when I do a scan on Sucuri it still says I have the malware on my website? Any chance you are able to help me with this…

↧

Malware – PHPmailer

August 5, 2019, 11:08 pm

≫ Next: Need Help with possible Malware attack

≪ Previous: Help: rogueads.unwanted_ads

Hi,
One of my domains were temporarily suspended yesterday night because suspicion malware in the path: …wp-bootstrap-starter/PHPMailer/src/PHPMailer.php
“The page suspiciously emits many emails and is probably hacked. FTP and File-manager access are still possible”
The site can now only be accessed through c-panel filemanger/FTP.
Do you have any tips what can be done to fix the issue? Except create new passwords etc for admin.
Thanks

↧

Need Help with possible Malware attack

August 7, 2019, 7:51 am

≫ Next: Hit by bots even after deleting plugin

≪ Previous: Malware – PHPmailer

Hello,

I am a techie but not very conversant with Web Development. I built this website from scratch using WordPress. I have not logged in for a while and suddenly see it is redirecting to another site. I tried to find the malware code but have not found yet. I have already installed and activated Wordfence. Please help me in this regard.

Best Regards,
Soumyajit

↧

Hit by bots even after deleting plugin

August 7, 2019, 9:28 pm

≫ Next: Strange characters in /wflogs/attack-data.php?

≪ Previous: Need Help with possible Malware attack

After trying and failing several attempts at this plugin which never worked on my site I finally gave up and deleted it. Now, I am getting hit by what I can only assume is a bot looking for the Faucet. It keeps hitting the page where the faucet was generating 404 errors on Google Analytics. It has been going on for several days. The page was disallowed for search engines to pick (has never been indexed). The faucet was up published (privately for me only) just for one day and never submitted anywhere. The bot is hitting from Germany according to analytics.

So, I am assuming this plugin has some hidden code which is notifying your servers, and you or someone has a bot to try and gain satoshi – hence the 404’s.

If that is not the case you should explain where this bot is coming from and why, and importantly why it is not disclosed. I want this stopped as it is skewing my analytics data.

↧

Strange characters in /wflogs/attack-data.php?

August 15, 2019, 2:16 am

≫ Next: Malware in UpdraftPlus – Help Me Out Of This Loop

≪ Previous: Hit by bots even after deleting plugin

Hi, i have been cleaning out a few websites on the same server that have been infected with malware.

After replacing the core files i came across these strange characters in /wflogs/attack-data.php?

<?php exit(‘Access denied’); __halt_compiler(); ?>
wfWAF除

I tried searching but found nothing, is this normal?

Cheers

↧

Malware in UpdraftPlus – Help Me Out Of This Loop

August 19, 2019, 8:57 am

≫ Next: Removal of search exclude from wordpress.org

≪ Previous: Strange characters in /wflogs/attack-data.php?

I have a security vulnerability query with regards to Updraft Plus – Free Version. Your support pages refer me to the WordPress Forums but the WordPress Forums state that security vulnerabilities should be discussed with the Plugin Vendor prior to making them public (to avoid others being impacted by the exploit).

I am stuck. You tell me to post to WordPress Forums, WordPress Forums tells me to contact you first.

Please help me out of this loop.

↧

Removal of search exclude from wordpress.org

August 31, 2019, 7:21 am

≫ Next: My username capabilities get changed automatically

≪ Previous: Malware in UpdraftPlus – Help Me Out Of This Loop

How serious is the reason that search exclude plugin has been removed from wordpress.org.
I understand it’s removal is temporary. It would be good to know the reason why it has been removed and when it will be restored. thanks.

↧

My username capabilities get changed automatically

August 31, 2019, 11:58 am

≫ Next: Great Plugin !

≪ Previous: Removal of search exclude from wordpress.org

On the Site that i’m admin , The capabilities in database will change automatically to customer !
I tried over and over to change it to default (administrator) but after a while it get return to customer !

Whats wrong ? It can be malware ? how fix it ?

↧

Great Plugin !

September 4, 2019, 9:29 am

≫ Next: malware.injection

≪ Previous: My username capabilities get changed automatically

Found and cleaned Malware at .htaccess file, that other programs could not find !
Great plugin !

↧

malware.injection

September 4, 2019, 2:10 pm

≫ Next: What is steadfastsystem.com? malware?

≪ Previous: Great Plugin !

hello,

i got a malware.injection (videommm pro MALWARE)

please help

↧

What is steadfastsystem.com? malware?

September 7, 2019, 4:39 pm

≫ Next: More Malware reporting issues

≪ Previous: malware.injection

Hi,

If i do search for Malware with rescan, i have alerte with file steadfastsystem.com.

And after some search i discover than it’s from your plugin.

What is it, and it is dangerous file?

↧

More Malware reporting issues

September 9, 2019, 7:17 am

≫ Next: Spammy site redirect

≪ Previous: What is steadfastsystem.com? malware?

Hi..

i have had several potential malware warnings lately. This usually happens after an update to plugins. the email reports suggests that there is an issue. When checking the scan results in the WP dashboard it reports nothing in any category.

↧