A few days ago, we received a hack removal request for a WordPress website using both Malcare and WordFence; it kept getting hacked and injected with Japanese spam malware repeatedly. The site owner told us that he found two scripts injected into his WordPress site; the first one was located under the site's root directory with the name sw.js, while the other was sitting under wp-includes/js directory with the name font.js. The owner also mentioned that they suspect there is a backdoor which is used to keep infecting their site again and again. While auditing the site for malware, we immediately confirmed the site owner's findings; we … [Read more...] about The free.xjs.lol Spam Injection WordPress Malware Cleanup
wordpress hacked
10 Signs showing your WordPress Site is Hacked
Warning Signs of a WordPress Site been Hacked WordPress sites are notorious for getting hacked. There's a popular misconception that WordPress is faulty and easy to hack. The truth is, WordPress is the most popular CMS powering close to 40% of all sites on the web. As such, we can expect that hackers will target it most often, statistically. Regardless of the fact that naysayers are wrong, the threat is real. You might be experiencing some issues or noticing weird things on your site and you are suspecting that it might be compromised. While it is sometimes easy to spot a WordPress site hacked, sometimes the malware might not be that … [Read more...] about 10 Signs showing your WordPress Site is Hacked
How to Detect and Fix WordPress Malware Redirect Hack
Dealing with a WordPress Malware Redirect Hack, in general, is always a frustrating experience. The malware can come in many forms and present itself with different symptoms, so to speak. It can change the layout of your site, something referred to as defacing, it can crash your site or it can even lead to a partial or a complete loss of content. Sometimes, you won't even know its there at all. It all depends on the motive behind the attack. Some people do it just for the fun of it. Yes, I know - you've put a lot of money, time and effort into your site and it really hurts to think that someone is breaking it just because they can and want … [Read more...] about How to Detect and Fix WordPress Malware Redirect Hack
Did your WordPress site get hacked? Find out what to do next!
WordPress Hacked Issues? If you’re using WordPress, you should know that it gets hacked more often than any other CMS or platform. That’s because of its enormous popularity. In fact, WordPress now powers over 33% of the web accounting for nearly 75,000,000 sites. As such, WordPress is often targeted by hackers for profit. Hacking has become a very lucrative (though illegal) business, earning hackers trillions of dollars each year. That’s right. Trillions. According to some sources, cybercrime generates at least $1.5 trillion annually, costing companies of all sizes a lot more money than they’d like to lose. These statistics show that … [Read more...] about Did your WordPress site get hacked? Find out what to do next!
Pipdig Under Investigation (and Your Options If You Want Out)
If you’re at all involved in the WordPress community, it’s likely you’ve heard about a small commercial theme company called pipdig, which has found itself at the center of some very serious controversy. And while it’s been a little over a week since the scandal broke, people that have been using a pipdig theme or any one of their plugins (specifically pipdig Power Pack (p3)) might find themselves not knowing what to do next. How it All Started On March 29, 2019, Wordfence threat analyst Mikey Veenstra published a report about the small theme company pipdig, which also happens to provides hosting services. This report was shocking to the … [Read more...] about Pipdig Under Investigation (and Your Options If You Want Out)