My blog has been hacked.

  • Unknown's avatar
    laurenoliviamcmahon · Member ·

    To whom it may concern,
    My blog has been hacked and I can’t seem to gain access to my admin login.

    http://thesoundoffashion.ie/
    http://thesoundoffashion.ie/wp-admin

    I have my blog hosted on https://www.letshost.ie and I have emailed them multiple times about this issue and they are insisting that their server was not breached or hacked that WordPress on my site was breached with malware.
    I don’t have any backup’s of my blog and they are charging €50 to give us an earlier version of the blog before it was breached.
    They said the following;

    ‘We got in touch with our hosting company and they believe the issue is in some code. See the comment below;
    The following file has recently changed (most recent timestamp – Oct 23 05:29 ) wp-content/themes/pipdig-aquae/footer.php, contains obfuscated/jumbled code and is generating the following errors since
    [15-Oct-2016 15:20:01 UTC] PHP Warning: fopen(.SIc7CYwgY): failed to open stream: No such file or directory in /home/thesoun2/public_html/wp-content/themes/pipdig-aquae/footer.php(9) : eval()’d code on line 82
    Further to the above our malware scanner found the following entries of note.:
    ‘/home/thesoun2/public_html/wp-content/plugins/all-in-one-seo-pack/all_in_one_seo_pack.php’
    # Script version check [OLD] [WP All In One SEO Ext v2.2.7.6.2 < v2.3.9.2]
    ‘/home/thesoun2/public_html/wp-content/themes/arubanights/footer.php’
    # Regular expression match = [decode regex: 6]
    ‘/home/thesoun2/public_html/wp-includes/version.php’
    # Script version check [OLD] [Wordpress v4.0.13 < v4.6.1]
    We would recommend asking your designer to clean up the code and update WordPress. Failure to keep WordPress up-to-date will result in code hacks/vulnerabilities.
    If you have any queries on the above, please let us know.
    Regards,
    Declan’

    We use a theme for the blog from https://www.pipdig.co/ and I’ve been in touch with him and he found the code that cotains the malare. He said;

    ‘Hi Lauren,
    Unfortunately it looks like your website has been compromised with malware. I’d recommend contacting https://sucuri.net/ who will be able to help clean the files for you.
    Once the site is cleaned, you may wish to install a security plugin such as WordFence to try and avoid it happening again. There are also other security measures you can take, but I’ll let the experts handle that at Securi as they are much better placed to advise on this.
    I’ve attached a clean copy of your themes to this message for you. You will most likely need to install this as part of Securi’s cleanup process.
    Hope you get it sorted!
    Phil’

    I’m not sure what to do next, everyone is blaming someone else and I’m scared that all my hard work on the blog is gone :(

    Thanks

    Lauren

    The blog I need help with is: (visible only to logged in users)

  • Unknown's avatar
    themagicrobot · Member ·

    This is a perfect example of why I’m happy to stay here at WordPress.com. And why it is a good idea to take regular .xml backup files (especially if you’re using WordPress.org). These are the WordPress.com forums. Staff can help you with thesoundoffashionblog.wordpress.com. but have no access to your other .ie sites. You need to be asking for help at the .org support forum although it seems you have already narrowed the issue down to your theme.

    https://wordpress.org/support/

  • The topic ‘My blog has been hacked.’ is closed to new replies.