Another Malware attack on WordPress sites (wp-apps.php & wp-count.php)

One of my hosting account has been affected by this Malware. So far, haven’t been able to figure out how it got there.

Two files are created in WordPress directories: wp-apps.php and wp-count.php
And in the theme, mostly footer.php is modified. This code gets added to the file.

< ?php error_reporting(0);include_once $_SERVER['DOCUMENT_ROOT'].'/wp-apps.php';? >

Using latest version of WordPress now. I removed the files before couple of times, but the files come back again like after a week.

Some of my websites have WordPress installed in directories, as in
These folders don’t get affected. Only the ones with TLDs in the name get affected. Also the site in public_html doesn’t get affected. I could try changing all the passwords, too many sites, too many passwords, bummer…besides I wouldn’t find out how did the files get there.

The virus files: wp-count.php.txt & wp-apps.php.txt


Leave a Comment

Captcha * Time limit is exhausted. Please reload CAPTCHA.

Related Posts