1043 posts
  • Has referred 200+ members
  • Has sold $125,000+ on Envato Market
  • Has collected 50+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+9 more
Pixelworkshop says

The title says it all, did this happened to you ? And how did you proceed ? I’m a bit lost and don’t know where to start… I’m scanning my computer and also waiting for a reply from my hosting company. Thanks for any help, that’s really annoying :(

1950 posts Do the Needful
  • Has sold $125,000+ on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
  • Has been part of the Envato Community for over 4 years
  • Has referred 10+ members
+10 more
JamiGibbs says

Is this a WordPress site? First thing I do is open up my install files (via FTP ) and sort them by date. This will most likely bring the infected files to the top of the list.

Then it’s a matter of replacing those infected files. Generally though, I’ll remove and replace the entire wp-admin and wp-includes folders.

And of course, change all your passwords (WordPress and server side).

1043 posts
  • Has referred 200+ members
  • Has sold $125,000+ on Envato Market
  • Has collected 50+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+9 more
Pixelworkshop says

Thanks Jami ! It’s my main website containing all demos (HTML and WP), I thought about deleting everything, changing passwords and reupload but it may happen again if there’s a security issue somewhere. But I’m trying to see if it doesn’t come from my computer first, thanks again for the advices :)

1043 posts
  • Has referred 200+ members
  • Has sold $125,000+ on Envato Market
  • Has collected 50+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+9 more
Pixelworkshop says

Ok it looks like all my index.html files have been replaced (subfolders for the demos)... So I guess that my FTP login and passwords have been found

3497 posts
  • Elite Author: Sold more than $75,000 on Envato Market
  • Has sold $750,000+ on Envato Market
  • Located in United States
  • Helps us moderate the forums
+10 more
sevenspark Moderator says
Pixelworkshop said
Ok it looks like all my index.html files have been replaced (subfolders for the demos)... So I guess that my FTP login and passwords have been found

Not necessarily. If you had a security vulnerability that allowed someone to inject malicious code into your site and execute it on your server, it could have written all sorts of files. Might want to check and make sure you’re not using and old version of timthumb (from before August), or have any directories with global execute/write privileges (e.g. 777)

Good luck, getting hacked sucks :(

1043 posts
  • Has referred 200+ members
  • Has sold $125,000+ on Envato Market
  • Has collected 50+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+9 more
Pixelworkshop says

Thanks sevenspark, I’ll have to check that all, or I’ll redo everything just to be sure :)

Helpful Information

  • Please read our community guidelines. Self promotion and discussion of piracy is not allowed.
  • Open a support ticket if you would like specific help with your account, deposits or purchases.
  • Item Support by authors is optional and may vary. Please see the Support tab on each item page.

Most of all, enjoy your time here. Thank you for being a valued Envato community member.

Post Reply

Format your entry with some basic HTML. Read the Full Details, or here is a refresher:

<strong></strong> to make things bold
<em></em> to emphasize
<ul><li> or <ol><li> to make lists
<h3> or <h4> to make headings
<pre></pre> for code blocks
<code></code> for a few words of code
<a></a> for links
<img> to paste in an image (it'll need to be hosted somewhere else though)
<blockquote></blockquote> to quote somebody

:grin: :shocked: :cry: Complete List of Smiley Codes

by
by
by
by
by
by