ALERT
Hey guys, I am Sam, I am a freelancer and apparently after July I start facing problem in my hostings. I work on many hosting and all of them got infected with malware no idea how it gets to there.
LET ME EXPLAIN HOW DOES
The malware and virus look alike and act.
1 - It infects all of your index files and add some PHP code in it.
2 - if you are using HTML it will rename your HTML file to .bak.bak and make an index file and include the .bak.bak while adding an include statement to include malware.
3 - the path on include was encoded on PHP, nonreadable form. and was pointing toward some .ico file and that ico file contains the code that I can't open.
4 - what it does it whenever your website got opened by visitor it downloads something in your website hosting. the path to add the file could be anywhere even in the root of the hosting on in the.(DOT) folder.
5 - I have noticed a cron job which is from my knowledge is a task scheduler right?
Even if you delete the malware it comes back instantly or after a day sometime. Please check your PHP hosting and let me know if you find any suspicious files in your hosting. One of my hostings the virus was consuming 60 GB of space.
I think this is the fault in PHP or some in WordPress as I have the WordPress installed in all of the hostings. Does anyone of you has been facing such issues? LET ME KNOW to PLEASE my clients are pissed. they thought I put that in there to make a profit.
Aucun commentaire:
Enregistrer un commentaire