Comments on: More Details About a WordPress Attack Making the Rounds

By: 321gobetlogin

321gobetlogin — Mon, 15 Dec 2025 19:43:04 +0000

Hey folks! Just tried out 321gobetlogin, easy peasy login process, just like I like it! Quick and painless. Makes getting into the games a breeze. Check it out for yourself! 321gobetlogin

By: ??????

?????? — Sun, 21 Sep 2025 04:10:41 +0000

I don’t think the title of your article matches the content lol. Just kidding, mainly because I had some doubts after reading the article.

By: registre-se na binance

registre-se na binance — Mon, 02 Jun 2025 21:06:30 +0000

Your article helped me a lot, is there any more related content? Thanks!

By: David G. Johnson

David G. Johnson — Thu, 22 Dec 2016 15:07:26 +0000

In reply to Andrew Klaassen.

Hey Andrew!

You’re most welcome. I’m thrilled that you found the information useful. That’s why we do posts like this. Glad you got your problem sorted out and fixed.

Cheers!

By: Andrew Klaassen

Andrew Klaassen — Fri, 11 Nov 2016 04:51:50 +0000

Thank you so much for detailing the error and answer. I was wondering why one file kept going back to 200 permissions. I saw that you said there was over 1000 spaces and then the malicious code so I looked at the file and boom there was the malicious code.
I am very grateful for this post, thanks again.

By: Reason #478 to Update WordPress and Plugins | EpiphanyDigest

Reason #478 to Update WordPress and Plugins | EpiphanyDigest — Wed, 19 Mar 2014 19:00:38 +0000

[…] planning to writeÂ In this post, I provided more details about it and an update explaining exactly what to do if you fa…. It’s not particularly difficult to fix, but if you have 1500 files across 40 sites affected, […]

By: David G. Johnson

David G. Johnson — Mon, 17 Feb 2014 23:15:45 +0000

In reply to James.

Thanks for your note, James. So far, clean up for me has involved downloading the files via FTP, stripping out the malicious code, and re-uploading.

Once I’m sure I’ve gotten everything in a particular WordPress install, I’m uploading a fresh copy of the latest version of WordPress. Then I run the database upgrade if that installation wasn’t already running the latest version.

As far as prevention goes, I am hopeful that having an updated version of WordPress and patching all plugins, removing any that are no longer being updated, will help prevent this from reoccurring.

Thankfully, the latest versions of WordPress will now automatically discover and install updates (at least to WordPress core), so leaving an old unpatched site lying around is going to become more and more difficult to do.

By: James

James — Mon, 17 Feb 2014 22:59:47 +0000

I’ve actually seen something very similar to what you’re talking about in this post in the past month or so. The malware goes after index.php, wp-config.php and header.php and injects a huge chunk of obfuscated code right at the beginning of the file. In your post you never do say how you cleaned up the code or how you’re going about preventing it from happening in the future. Any thoughts?