UPDATED: 14th July 2020 Let's start this tutorial with a tip, if you want to know your site has been infected by the monit.php hack add your site URL before this snippet and browse it: /wp-admin/options-general.php?page=monit If you see a page opening with settings and text strings then you're most probably hacked, if not you're probably safe. In both cases I suggest to follow the cleanup guide for the ofgogoatan.com redirect hack. Monit.php flagged as malware A few days ago we have been contacted by a client who was looking to clean his site from malware. While working on his site he noticed that some random code was … [Read more...] about How to trace and clean the monit.php hack
Security
The WordPress Popup Builder Vulnerability
Malicious JavaScript code can be injected into Popups Several security flaws have been uncovered in the Popup Builder plugin code. Currently, this plugin has more than 200,000 active installs. Many site owners are still unaware of the issue. This plugin is regularly updated and maintained by the authors. However, it took them 7 days to release the patched version of the plugin. Meanwhile, many sites were exploited by hackers and those using an outdated version of the plugin are still at risk. One of the vulnerabilities tracked as CVE-2020-10196, can be used to collect the list of subscribers. Apart from that, an attacker can gather … [Read more...] about The WordPress Popup Builder Vulnerability
Why does my WordPress site keep getting hacked?
The bitter reality The reason why I decided to write this article is that many times our clients have found themselves in total despair and frustration when their WordPress site keeps getting hacked. Hacks such as the Japanese Keyword Hack or the Malware Redirect hack can break a WordPress site once. However, if you are not careful with your WordPress site, these hacks might reappear. Truth be told, the psychological and financial burden of a WordPress site that keeps getting hacked is massive and it can take a great toll on the user, the brand, the service. And those users who have gone through this experience multiple times, do … [Read more...] about Why does my WordPress site keep getting hacked?
How to Detect the .bt WordPress Hack
Just recently we cleaned a WordPress site which was apparently hacked many years ago. The hack was still active and our client was lucky that we found it since he asked us to host the site for him(we'll talk about this added service in a new blog post). Every time we handle a WordPress site we check if it has any signs of being hacked or compromised, we did the same for this site as well and we've found that it has been hacked for more than 2 years. While the site's frontend worked fine its backend wasn't maintained and updated for a long time and as a result, some of the themes and/or plugins used were vulnerable so it became a hackers … [Read more...] about How to Detect the .bt WordPress Hack
10 Signs showing your WordPress Site is Hacked
Warning Signs of a WordPress Site been Hacked WordPress sites are notorious for getting hacked. There's a popular misconception that WordPress is faulty and easy to hack. The truth is, WordPress is the most popular CMS powering close to 40% of all sites on the web. As such, we can expect that hackers will target it most often, statistically. Regardless of the fact that naysayers are wrong, the threat is real. You might be experiencing some issues or noticing weird things on your site and you are suspecting that it might be compromised. While it is sometimes easy to spot a WordPress site hacked, sometimes the malware might not be that … [Read more...] about 10 Signs showing your WordPress Site is Hacked