Fredulent Activity, Website Hijacked

lifebywyetha · Member · Apr 14, 2024 at 6:55 pm
Copy link

Add topic to favorites
I received an email from one of my affiliates that I was removed from a program for a ‘Fraudulent Transaction Sale’ becuase another entity, ‘https://annapascual.com/’ has hijacked my website.

It’s all my content, my links EVERYTHING and I don’t know what to do about this. I’ve changed my password, updated my security about 2 months ago and still this has happened.

WP.com: Yes
Jetpack: Yes
Correct account: Yes

The blog I need help with is: (visible only to logged in users)
faisalahammad · Member · Apr 14, 2024 at 10:31 pm
Copy link
As I suspect, they are copying the content and publishing it on another website via an RSS feed or REST API. You can disable the RSS feed and REST API by following the steps in the articles below.

WordPress Disable RSS Feed

How to Disable WordPress REST API (2 Methods)

Here is how they might be doing it: https://rudrastyh.com/wordpress/copy-page-to-another-site.html.
evolvewebhostingofficial · Member · Apr 15, 2024 at 2:10 am
Copy link
Stopping an attack is very difficult and changing your passwords isn’t enough. That’s a start but usually they’ve already injected code within your files that they can trigger remotely. Finding their back door is the trick. Personally, I’d suggest a malware scanner and firewall. Otherwise, as fast as you remove one piece of malware, they’ll inject another.
lifebywyetha · Member · Apr 15, 2024 at 1:33 pm
Copy link
Thank you. I’ll try this.
lifebywyetha · Member · Apr 15, 2024 at 1:35 pm
Copy link
This is something similar to what Dreamhost said when I reached out to them.

No items found.