Seems like more and more themes are infected with the malware “(counter-wordpress.com)”. Things you need to do if your theme is infected:
- Open wp-config.php and delete everything after:
require_once(ABSPATH . ‘wp-settings.php’);
- Open index.php and delete everything between:
- Re-install WordPress from within the WordPress Dashboard. Sometimes this can fix the infection
- Replace timthumb.php with the latest version
- Clear your browser cache, cookies…
- Change your WordPress administration login details and MySQL passwords also
Read more here
Thanks for the tips!
Mind explaining the effects of this?
It was greatly explained in the link he posted. http://blog.sucuri.net/2011/08/mass-infection-of-wordpress-sites-counter-wordpress-com.html
Thanks for the extra info dude.
Ah – I didn’t notice it because TF links aren’t underlined and the green looks a bit like the black on my screen – sorry about that.
My client’s site wasn’t infected, and I was able to update timthumb.php quickly.
Thanks for the tip. Done all the updates. I’m still not clear on how to know if you’ve been infected though.
I got hit on one of my sites – the best way is to check your wp-config and see, at the end, if it has 100s of lines of whitespace, 30 lines of inserted code and another 100 or so lines of whitespace.
I have updated script late night