Suspicious Admin Accounts – Are These Legitimate or Malicious?
-
Hi everyone,
I’ve recently noticed a few suspicious administrator accounts appearing on my WordPress site, and I’m quite concerned. The accounts are:
(email visible only to moderators and staff)
(email visible only to moderators and staff)
wp_update-OorvUcLq
None of these were added by me or my team. I’m trying to understand:
Are any of these accounts officially created by WordPress or part of some automatic update system?
Is it safe to delete them?
Could this indicate that my site has been compromised? If so, what are the best steps to secure it?
I’ve already taken basic precautions such as changing admin passwords and checking user activity, but I would really appreciate some expert input or similar experiences from others.
Thanks in advance!
WP.com: Yes
Jetpack: No
Correct account: YesThe blog I need help with is: (visible only to logged in users)
-
Hello @saarthionline!
I took a look at your site and noticed that it’s not hosted on WordPress.com, as you can see here:https://wordpress.com/site-profiler/saarthionline.com
What you’ll want to do now is ask your question on the WordPress.org community forums at this link:
https://wordpress.org/support/forum/how-to-and-troubleshooting/
This forum is perfect for sites like yours that use WordPress software but aren’t hosted with WordPress.com.
If you’re curious about the difference between WordPress.com and WordPress.org, this guide explains it quite well:
https://wordpress.com/support/com-vs-org/
Feel free to reach out if you have any other questions or if there’s anything else we can assist you with. We’re here and happy to help further if needed!
- The topic ‘Suspicious Admin Accounts – Are These Legitimate or Malicious?’ is closed to new replies.
WordPress.com Forums 