38 posts Themes Kingdom - Kindom of Awesomeness
  • Has referred 1+ members
  • Has sold $250,000+ on Envato Market
  • Has been a beta tester for an Envato feature
  • Has collected 100+ items on Envato Market
+5 more
themeskingdom says

Seems like more and more themes are infected with the malware “(counter-wordpress.com)”. Things you need to do if your theme is infected:

- Open wp-config.php and delete everything after: require_once(ABSPATH . ‘wp-settings.php’);

- Open index.php and delete everything between:

require(’./wp-blog-header.php’); ... ?>

- Re-install WordPress from within the WordPress Dashboard. Sometimes this can fix the infection

- Replace timthumb.php with the latest version

- Clear your browser cache, cookies…

- Change your WordPress administration login details and MySQL passwords also

Read more here

1479 posts The right tools with none of the gimmicks
  • Has referred 50+ members
  • Has sold $75,000+ on Envato Market and is now an Elite Author
  • Has been a beta tester for an Envato feature
  • Has collected 10+ items on Envato Market
+6 more
PixelBin says

Thanks for the tips!

2063 posts
  • Has collected 50+ items on Envato Market
  • Has been part of the Envato Community for over 4 years
  • Sells items exclusively on Envato Market
  • Located in United States
Landonw says

Mind explaining the effects of this?

30 posts
  • Has been part of the Envato Community for over 3 years
  • Sells items exclusively on Envato Market
  • Located in United States
PleaseR says
LandonWilson said
Mind explaining the effects of this?

It was greatly explained in the link he posted. http://blog.sucuri.net/2011/08/mass-infection-of-wordpress-sites-counter-wordpress-com.html

Thanks for the extra info dude.

2063 posts
  • Has collected 50+ items on Envato Market
  • Has been part of the Envato Community for over 4 years
  • Sells items exclusively on Envato Market
  • Located in United States
Landonw says

Ah – I didn’t notice it because TF links aren’t underlined and the green looks a bit like the black on my screen – sorry about that.

My client’s site wasn’t infected, and I was able to update timthumb.php quickly.

548 posts
  • Has been part of the Envato Community for over 4 years
  • Has referred 1+ members
  • Has collected 100+ items on Envato Market
tonvie says

Thanks for the tip. Done all the updates. I’m still not clear on how to know if you’ve been infected though.

361 posts
  • Has been part of the Envato Community for over 5 years
  • Has collected 100+ items on Envato Market
  • Located in United Kingdom
kops says

I got hit on one of my sites – the best way is to check your wp-config and see, at the end, if it has 100s of lines of whitespace, 30 lines of inserted code and another 100 or so lines of whitespace.

548 posts
  • Has been part of the Envato Community for over 4 years
  • Has referred 1+ members
  • Has collected 100+ items on Envato Market
tonvie says

Thanks kops, checking now :)

274 posts
  • Has referred 1+ members
  • Has sold $10,000+ on Envato Market
  • Has collected 1+ items on Envato Market
  • Sells items exclusively on Envato Market
+1 more
Anjum says

Thanks themeskingdom

I have updated script late night

3007 posts
  • Has been part of the Envato Community for over 4 years
  • Has referred 200+ members
  • Has sold $250,000+ on Envato Market
  • Had an item featured in an Envato Bundle
+7 more
duotive says

Yeah… removed the infection for two customers who did not update the theme when we released the update… i presume there will be more to come!

by
by
by
by
by
by