Hackers Have Attacked WordPress sites with Malware
Recently, web hackers have found a vulnerability in older versions of WordPress which allows attackers to infect multiple plugins on several websites. The infection causes affected websites to create several hundred random files containing malware scattered throughout various folders and subfolders on the website. This eventually causes the website to be flagged by Google and blocked for malware prevention. (To keep up with news regarding this attack, visit Sucuri.net)
WordPress has since updated to version 4.1, which has patched the exploit that hackers used to infect sites. Websites using older versions (prior to 4.1) are encouraged to update immediately.
Butler can help fix this problem, or prevent it from occurring to your site!
Preventing the problem
The prevent this attack from happening you should follow these steps:
- Conduct an immediate backup of your website
- Update to WordPress 4.1
- Reinstall the latest version of your theme (some themes are not compatible with WordPress 4.1, and in such cases a new theme must be installed)
Fixing the problem
If your site has already been infected and flagged by Google for malware, follow these steps (you can only restore from the latest backup):
- Completely uninstall WordPress and remove all files
- Have your site “unblacklisted” from Google by adding it to Google Webmaster Tools and submitting a request to Google to review your site to ensure that it is malware free
- Install WordPress 4.1
- Upload the latest backup of your website, along with the latest version of your theme and update all plugins (again, in some cases a new theme must be used)
NOTE: to prevent malware attacks like this in the future, secondary layers of website protection are recommended
If you’re website is running on a version of WordPress prior to 4.1, contact Butler today.