How to Clean Up Wordpress Malware

How to Clean Up WordPress Malware

Posted by Kit Elliott in Install Wordpress, Motley Mix, News

SuperAffiliate.com has been hit with a “malware” and after a couple of cleanups – I wanted to document how to fix malware on WordPress in case this happens to you.

Here are the steps that I took (thanks to Hostgator‘s help!)

FIRST – I replaced all my old WordPress files with brand new 2010′s files! That actually did 1/2 the trick. The other half -

What are malicious iframes and what causes them?

Over the years hackers found it hard to trick people into visiting suspicious sites so they’re now targeting legit sites and using them to infect unknowing customers. In most cases an FTP account’s password is obtained through key logging malware, then legit website files are modified to distribute the malware and gather more passwords. If your PC has been infected with one of these trojans, your bank account, email accounts, and FTP accounts may no longer be secure.

* What to do if you find malicious iframes

1. Use the following online vulnerability scanner and ensure your software is up-to-date: http://secunia.com/vulnerability_scanning/online/?task=load

2. Download antivirus and fully scan your PC for malcious files. Here are some free online scanners:

http://housecall.trendmicro.com/

http://www.bitdefender.com/scan8/ie.html

http://www.kaspersky.com/virusscanner

http://support.f-secure.com/enu/home/ols.shtml

3. Update all passwords that may have been obtained. Do not use old passwords, generate new ones.

4. Upload older versions of the files or contact support for assistance removing the malicious iframes.

* Prevention

- Ensure you use the latest browser version

- Disable javascript