Hack increase since last update

• 

  ryupl8 · Member · Jun 5, 2020 at 4:46 pm

  • Copy link
  • Add topic to favorites

  Hey all –

  Just wondering if anybody else is experiencing a huge uptick in attacks since last WP update.

  I am getting hit with script injections, modified files, and malware uploads on a regular basis now despite many years of successfully using Wordfence & Defender in conjunction for site security.

  My latest alert email from WF for example:

  Critical Problems:

  * File appears to be malicious: .well-known/index.php

  * File appears to be malicious: .well-known/pki-validation/index.php

  * File appears to be malicious: btihhdjo.php

  * File appears to be malicious: cgi-bin/index.php

  * File appears to be malicious: index.php

  * File appears to be malicious: wp-admin/load-scripts.php

  * File appears to be malicious: wp-config.php

  * File appears to be malicious: wp-content/plugins/all-404-redirect-to-homepage/hjzrtfsr.php

  * File appears to be malicious: wp-content/plugins/imagify/inc/classes/class-imagify-assets.php

  * File appears to be malicious: wp-content/plugins/imagify/views/notice-grid-view.php

  * File appears to be malicious: wp-content/plugins/updraftplus/vendor/composer/autoload_namespaces.php

  * File appears to be malicious: wp-content/plugins/wordfence/css/uuxisrpb.php

  * File appears to be malicious: wp-content/plugins/wordfence/fonts/dznlqtyy.php

  * File appears to be malicious: wp-includes/Requests/Proxy/pyzsbyfe.php

  * File appears to be malicious: wp-includes/SimplePie/XML/gsjckdvx.php

  * File appears to be malicious: wp-includes/blocks/cywgemqf.php

  * File appears to be malicious: wp-includes/class-wp-customize-manager.php

  High Severity Problems:

  * Unknown file in WordPress core: wp-admin/css/colors/.3c88b790.ico

  * Unknown file in WordPress core: wp-includes/Requests/Proxy/pyzsbyfe.php

  * Unknown file in WordPress core: wp-includes/SimplePie/XML/gsjckdvx.php

  * Unknown file in WordPress core: wp-includes/blocks/cywgemqf.php

  * WordPress core file modified: index.php

  * WordPress core file modified: wp-admin/load-scripts.php

  * WordPress core file modified: wp-includes/class-wp-customize-manager.php

  If this continues, I think I’m going to start moving my sites away from WordPress altogether!

• 

  deancroyal · Staff · Jun 9, 2020 at 12:01 am

  • Copy link

  Hi there – you’ve reached the WordPress.com forums which provide support for sites hosted on WordPress.com.

  It looks like what you have there is for a self-hosted WordPress site, which you’ll want to post over in the community forums at WordPress.org to find some help: https://wordpress.org/support/forums