WordPress.org

Ready to get started?Download WordPress

Profiles

useshots

Profile picture of useshots
  • Member Since: June 21st, 2008
  • Posted a reply to "Parse error? And general trouble with plugins and the FTP", on the site WordPress Support Forums:
    If you reinstall everything then nothing will be corrupted (at least until reinfection). You need…

    4 weeks ago

  • Posted a reply to "Have I been hacked? Yes, no or maybe", on the site WordPress Support Forums:
    The best way to remove malicious code when hundreds of files are infected is replace…

    4 weeks ago

  • Posted a reply to "Hack? Please help me, don't know what to do", on the site WordPress Support Forums:
    Sucuri has an update about the MailPoet http://blog.sucuri.net/2014/07/mailpoet-vulnerability-exploited-in-the-wild-breaking-thousands-of-wordpress-sites.html but I agree that it's not the…

    4 weeks ago

  • Posted a reply to "Malign Code Injected Into ALL .php Files", on the site WordPress Support Forums:
    Do you mean this http://blog.sucuri.net/2014/07/malware-infection-breaking-wordpress-sites.html ? This buggy malware corrupts lots of PHP files. The…

    4 weeks ago

  • Posted a reply to "Virus PHP", on the site WordPress Support Forums:
    Valentina, do you mean this issue http://blog.sucuri.net/2014/07/malware-infection-breaking-wordpress-sites.html ?

    4 weeks ago

  • Posted a reply to "log in fatal error", on the site WordPress Support Forums:
    Download files using FTP and inspect them, or user FileManager in the Control Panel, or…

    4 weeks ago

  • Posted a reply to "Hack? Please help me, don't know what to do", on the site WordPress Support Forums:
    Yes it's wide spread and on many sites we saw that hackers checked for vulnerable…

    4 weeks ago

  • Posted a reply to "Hack? Please help me, don't know what to do", on the site WordPress Support Forums:
    Many sites have been similarly hacked http://blog.sucuri.net/2014/07/malware-infection-breaking-wordpress-sites.html I guess hackers use a vulnerability in some…

    4 weeks ago

  • Posted a reply to "URGENT - Parse error: syntax error, unexpected ')'", on the site WordPress Support Forums:
    Just reinstall WordPress to restore core files. Then disable all plugins by renaming the wp-content/plugins…

    4 weeks ago

  • Posted a reply to "Infected php, can't get into admin.", on the site WordPress Support Forums:
    Looks like this: http://blog.sucuri.net/2014/07/malware-infection-breaking-wordpress-sites.html If it's it, you should restore everything from a clean backup…

    4 weeks ago

  • Posted a reply to "log in fatal error", on the site WordPress Support Forums:
    It's hard to tell from outside. All I can see it is broken. It may…

    4 weeks ago

  • Posted a reply to "Have I been hacked? Yes, no or maybe", on the site WordPress Support Forums:
    The original problem description resembles this ongoing massive attack http://blog.sucuri.net/2014/07/malware-infection-breaking-wordpress-sites.html If it's it, you should…

    4 weeks ago

  • Posted a reply to "log in fatal error", on the site WordPress Support Forums:
    Check if it's the same problem http://wordpress.org/support/topic/parse-error-and-general-trouble-with-plugins-and-the-ftp?replies=2

    4 weeks ago

  • Posted a reply to "Parse error? And general trouble with plugins and the FTP", on the site WordPress Support Forums:
    This may be relevant to this massive attack that corrupts WordPress files http://blog.sucuri.net/2014/07/malware-infection-breaking-wordpress-sites.html If it's…

    4 weeks ago

  • Posted a reply to "Fatal error when accessing wp-admin", on the site WordPress Support Forums:
    Make sure all core WordPress files are intact. There is currently a massive attack that…

    4 weeks ago

  • Posted a reply to "URGENT - Parse error: syntax error, unexpected ')'", on the site WordPress Support Forums:
    Hey, It's hard not to see what's wrong! There are a few kilobytes of malicious…

    4 weeks ago

  • Posted a reply to "NEW Administrator Added - IP from Slovakia!!!", on the site WordPress Support Forums:
    This sounds like this attack http://blog.sucuri.net/2014/07/malware-infection-breaking-wordpress-sites.html It is always from this IP 94.136.150.28 Most likely…

    4 weeks ago

  • Posted a reply to "Cookie Warning Popup", on the site WordPress Support Forums:
    This reminds of the latest Sucuri article: http://blog.sucuri.net/2014/05/website-infections-malicious-redirect-to-porn-website-target-wordpress-and-joomla-users.html Make sure to check wp-config.php (with word…

    3 months ago

  • Posted a reply to "Blackjackonline ad. in my posts", on the site WordPress Support Forums:
    OK, I found the link. http://www.UnmaskParasites.com/security-report/?page=www.bymmb.com/excel-offset-kaydir-fonksiyonu-kullanimi-ve-ornegi/ You can check if it is in the posts…

    4 months ago

  • Posted a reply to "Blackjackonline ad. in my posts", on the site WordPress Support Forums:
    For people who investigate such issues it matters.

    4 months ago

  • Posted a reply to "Blackjackonline ad. in my posts", on the site WordPress Support Forums:
    Which pages exactly? Where can we find that link? Do you always see it or…

    4 months ago

  • Posted a reply to "Injection of External Links", on the site WordPress Support Forums:
    Hello, We, at Sucuri, see this infection on quite a few sites. It's quite sophisticated…

    4 months ago

  • Posted a reply to "HELP PLEASE! malware ruining my life", on the site WordPress Support Forums:
    @ClaytonJames: I know, it always happens when I post snippets of malicious code. Unfortunately, I…

    2 years ago

  • Posted a reply to "HELP PLEASE! malware ruining my life", on the site WordPress Support Forums:
    I wrote an article about this infection: http://blog.unmaskparasites.com/2012/03/07/you-need-to-pay-for-this-crypt-trial-version-of-malware/

    2 years ago

  • Posted a reply to "Files being added to one of my sites", on the site WordPress Support Forums:
    Hi, Do you have raw access logs for the last couple of days? Log analysis…

    2 years ago

  • Posted a reply to "HELP PLEASE! malware ruining my life", on the site WordPress Support Forums:
    @rxdlr: I see this malware on many sites. The malicious code is usually at the…

    2 years ago

  • Posted a reply to "Dealing with exploit related issues", on the site WordPress Support Forums:
    That PHP code seems to inject spammy links from "genshop .org" into web pages. It…

    3 years ago

  • Posted a reply to "Google shows wrong URLs for my WordPress site, despite a correct URLs in XML sit", on the site WordPress Support Forums:
    Hi, How Google can know that you no longer want those old page to be…

    3 years ago

  • Posted a reply to "sh: /usr/local/bin/python", on the site WordPress Support Forums:
    Hi, Here's a link to Sucuri's post about this: http://blog.sucuri.net/2011/07/python-no-such-file-or-directory-your-site-is-likely-compromised.html In my experience. most of…

    3 years ago

  • Posted a reply to "Theme decoding thread", on the site WordPress Support Forums:
    This was an interesting obfuscation technique. I gather, this site repackages someone else's themes and…

    3 years ago

  • Posted a reply to "XML parsing error", on the site WordPress Support Forums:
    Thanks! So there were 2828 requests to those deleted 51.php pages? Correct? Interesting, how many…

    3 years ago

  • Posted a reply to "XML parsing error", on the site WordPress Support Forums:
    I guess these stats include visits to legitimate pages? It would be interesting to have…

    3 years ago

  • Posted a reply to "XML parsing error", on the site WordPress Support Forums:
    Hi, I've finally published results of my investigation: http://blog.unmaskparasites.com/2011/05/05/thousands-of-hacked-sites-seriously-poison-google-image-search-results/ The article contains detailed information on…

    3 years ago

  • Posted a reply to "XML parsing error", on the site WordPress Support Forums:
    @iciman: Here are a few of my blogposts that show how malware steals passwords saved…

    3 years ago

  • Posted a reply to "Blog Hacked - Need Advice", on the site WordPress Support Forums:
    Do you have a recent database backup?

    3 years ago

  • Posted a reply to "XML parsing error", on the site WordPress Support Forums:
    Hi, I checked hundreds of infected sites (with nn.php scripts) and almost every one of…

    3 years ago

  • Posted a reply to "XML parsing error", on the site WordPress Support Forums:
    Thanks @jbekker and @Abdessamad Idrissi. Did you notice the .log/ directory or some other directory…

    3 years ago

  • Posted a reply to "XML parsing error", on the site WordPress Support Forums:
    Hi, Can anyone send me this 96.php (or whatever it is called on your server)…

    3 years ago

  • Posted a reply to "I've been hijacked", on the site WordPress Support Forums:
    You should find out how those files got there. If you don't close the security…

    3 years ago

  • Posted a reply to "blog hacked - how can I return it to how it was?", on the site WordPress Support Forums:
    @geester1: What exactly was hacked? And what is in those "core" files? There shouldn't be…

    4 years ago

  • Posted a reply to "Media Temple oeaou hack", on the site WordPress Support Forums:
    @Nicholas: When dealing with malware warning even Google's own documentation is not clear enough and…

    4 years ago

  • Posted a reply to "Media Temple oeaou hack", on the site WordPress Support Forums:
    @Nicholas and MediaTemple webmasters: mdhenshaw has quoted MT response about how they cleaned compromised websites.…

    4 years ago

  • Posted a reply to "Media Temple oeaou hack", on the site WordPress Support Forums:
    @xyclopsoft: There is no need to have the "executable" flag in permissions of .php files.…

    4 years ago

  • Posted a reply to "Media Temple oeaou hack", on the site WordPress Support Forums:
    One more request to post wp-config.php permissions. Trying to understand if this only happens to…

    4 years ago

  • Posted a reply to "Media Temple oeaou hack", on the site WordPress Support Forums:
    @entilza72: I'm not a MediaTemple customer and don't know details of their platform. http://weblog.mediatemple.net/weblog/2010/08/06/security-facts/ In…

    4 years ago

  • Posted a reply to "My site seems to be non-existent, please help!!", on the site WordPress Support Forums:
    WHOIS: http://www.whois-search.com/whois/mikesmithconsulting.co.uk Registration status: Renewal required. *** This registration has been SUSPENDED. ***

    4 years ago

  • Posted a reply to "Media Temple oeaou hack", on the site WordPress Support Forums:
    Hi, There have been many similar problems on MediaTemple lately. Can you check permissions of…

    4 years ago

  • Posted a reply to "Have I been hacked? Username: "amin"", on the site WordPress Support Forums:
    @mchriston: Please monitor your sites for at least a couple of days. This is the…

    4 years ago

  • Posted a reply to "Have I been hacked? Username: "amin"", on the site WordPress Support Forums:
    >These attacks are exclusive to accounts with WordPress ONLY I guess that hackers know WordPress…

    4 years ago

  • Posted a reply to "Have I been hacked? Username: "amin"", on the site WordPress Support Forums:
    Good point madjax. Let's think about how hackers could write into WP tables. 1. The…

    4 years ago