Jump to content
achif

Please Help, I've Been Hacked

Recommended Posts

achif    0
achif

Hi guys, 

I'm managing the website mototematicos.com and we've been hacked for the third time.

I have tried a lot of measures of security but these attacks just keep affecting our site. (I've all the backups)

Have you got any suggestions or experiences related to this?

 

The hacker names himself just has hacker in the sentence "hacked by hacker"

The host ip is of the attacker is 113.110.228.220

 

I just managed to put the site under construction.

 

Please help, thanks in advance!

 

Share this post


Link to post
Share on other sites
Simon    247
Simon

Please see http://codex.wordpress.org/FAQ_My_site_was_hacked

 

Usual attack vectors are poor/old plugins.

 

Could be its not even your site that was originally hacked, but he has 'rooted' the server and is now just playing havoc with all the sites on the server.

 

Read that page, and contact your host, they may have logs that show how he got in.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Similar Content

    • michelled
      By michelled
      Many thanks in advance for your help.
       
      I was recently informed by my web host that my site is infected, specifically they say file
       
       
      which they say:
       
       
      When I posted on WP, I was told this was odd as there is no record of this file being affected by malware. I was also advised to check my site on sucuri. Sucuri found nothing. When I checked via my site's file manager, the named file was not present but may have been removed by my host server.
       
      I was nevertheless instructed to remove and replace my files:
       
       
      Problem is, when I compared the files on my site server and those in the Wordpress 4.1 archive, my site had a great number of additional files. My concern was that these were added by my Pageline theme, Platform, and removing them would cause a complete malfunction of my site. I was advised that no theme should be modifying the core files and that these files may be the result of the alleged malware infection. Before I potentially destroy my website, could someone please confirm that the following files were not added by the Platform theme:
       
      root directory:
      fantversion.php
      wp-atom.php
      wp-commentsrss2.php
      wp-feed.php
      wp-pass.php
      wp-rdf.php
      wp-register.php
      wp-rss.php
      wp-rss2.php
      wp-xmlrpc.php

      wp-admin:
      ajax-upload.php

      wp-admin/includes:
      install.php
      options-reading.php

      wp-admin/js:
      default_folder.php

      wp-admin/network:
      details_up.php

      wp-includes:
      class-wp-smtp-bar.php
      class.wp-dependencies.php
      class.wp-scripts.php
      class.wp-styles.php

      wp-includes/certificates:
      patfactory.php
      tdomf-upload-functions.php

      wp-includes/css:
      mod_search.php
      themes.php

      wp-includes/js/crop:
      default_ftp.php

      wp-includes/js/jquery/ui:
      jquery.ui.accordion.min.js
      jquery.ui.autocomplete.min.js
      jquery.ui.button.min.js
      jquery.ui.core.min.js
      jquery.ui.datepicker.min.js
      jquery.ui.dialog.min.js
      jquery.ui.draggable.min.js
      jquery.ui.droppable.min.js
      jquery.ui.effect-blind.min.js
      jquery.ui.effect-bounce.min.js
      jquery.ui.effect-clip.min.js
      jquery.ui.effect-drop.min.js
      jquery.ui.effect-explode.min.js
      jquery.ui.effect-fade.min.js
      jquery.ui.effect-fold.min.js
      jquery.ui.effect-highlight.min.js
      jquery.ui.effect-pulsate.min.js
      jquery.ui.effect-scale.min.js
      jquery.ui.effect-shake.min.js
      jquery.ui.effect-slide.min.js
      jquery.ui.effect-transfer.min.js
      jquery.ui.effect.min.js
      jquery.ui.menu.min.js
      jquery.ui.mouse.min.js
      jquery.ui.position.min.js
      jquery.ui.progressbar.min.js
      jquery.ui.resizable.min.js
      jquery.ui.selectable.min.js
      jquery.ui.slider.min.js
      jquery.ui.sortable.min.js
      jquery.ui.spinner.min.js
      jquery.ui.tabs.min.js
      jquery.ui.tooltip.min.js
      jquery.ui.widget.min.js

      wp-includes/js/tinymce/langs:
      wp-langs-en.phtml

      wp-includes/js/tinymce/plugins/colorpicker:
      strspn.php

      wp-includes/js/tinymce/plugins/compat3x/css:
      folder.php

      wp-includes/js/tinymce/plugins/fullscreen:
      pdf.php

      wp-includes/js/tinymce/plugins/tabfocus:
      zip.php

      wp-includes/js/tinymce/plugins/wpeditimage:
      defines.php

      wp-includes/js/tinymce/plugins/fullscreen:
      DB.php

      wp-includes/js/tinymce/plugins/wpgallery:
      BBCode.php

      wp-includes/js/tinymce/plugins/wplink:
      frontpage.php

      wp-includes/js/tinymce/plugins/wpview:
      move.php

      wp-includes/js/tinymce/skins/lightgray/fonts:
      tdomf-subscribe-to-comments-widget.php

      wp-includes/js/tinymce/skins/wordpress:
      directory.php

      wp-includes/js/tinymce/skins/wordpress/images:
      dashicon-no-alt.png

      wp-includes/SimplePie:
      index.php

      wp-includes/SimplePie/Content/Type:
      nav-menu.php

      wp-includes/SimplePie/HTTP:
      InputFilter.php

      wp-includes/SimplePie/XML/Declaration:
      details_img.php
      ms-users.php

      wp-includes/Text/Diff:
      admin.languages.html.php

      wp-includes/Text/Diff/Engine:
      xml_domit_xpath.php

      wp-includes/Text/Diff/Renderer:
      freesansbi.php

      wp-includes/theme-compat:
      string.php
×