A few of my WordPress sites got infected with this nasty code today (this site was safe as it was on a different server)

The sites that were infected were all hosted by goDaddy

A few symptoms:

– the CSS was messed up in the admin panel so when I logged in, the formatting was wrong

-when you would go to these sites from a PC (the Mac seemed to be safe from this Malware) – a fake AV attack was launched and prompted me to download this software to fix it – i believe it was from a site realsafe-23.net and suitcase52td.net

It also mentioned security threat analysis

-the only way I could get rid of the screen was to do a Ctr+Alt+Del and end the Firefox session

-it wanted me to click OK to get some sort of fix which of course I did not do

Clearly this was an attack on my WordPress sites and many people have been having this same exact issue today.

The WordPress malware fix was very simple and explained below…

download this file and rename it to wordpress-fix.php

Use FTP to upload it to your site

Run it using your browser as: http://yoursite.com/wordpress-fix.php

Wait a few minutes until the script is done – it will scan your whole site and remove the malware entries

When the script is done, go back to your site and remove the “fix” file

Check out this blog for more information about these attacks

Share