38 posts Themes Kingdom - Kindom of Awesomeness
  • Had an item that was trending
  • Has sold $250,000+ on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
  • Made it to the Authors' Hall of Fame
+6 more
themeskingdom
says

Seems like more and more themes are infected with the malware “(counter-wordpress.com)”. Things you need to do if your theme is infected:

- Open wp-config.php and delete everything after: require_once(ABSPATH . ‘wp-settings.php’);

- Open index.php and delete everything between:

require(’./wp-blog-header.php’); ... ?>

- Re-install WordPress from within the WordPress Dashboard. Sometimes this can fix the infection

- Replace timthumb.php with the latest version

- Clear your browser cache, cookies…

- Change your WordPress administration login details and MySQL passwords also

Read more here

1479 posts The right tools with none of the gimmicks
  • Has referred 100+ members
  • Has sold $75,000+ on Envato Market and is now an Elite Author
  • Has been a beta tester for an Envato feature
  • Has collected 10+ items on Envato Market
+7 more
PixelBin
says

Thanks for the tips!

2067 posts
  • Has collected 50+ items on Envato Market
  • Has been part of the Envato Community for over 5 years
  • Sells items exclusively on Envato Market
  • Located in United States
Landonw
says

Mind explaining the effects of this?

30 posts
  • Has been part of the Envato Community for over 3 years
  • Sells items exclusively on Envato Market
  • Located in United States
PleaseR
says
LandonWilson said
Mind explaining the effects of this?

It was greatly explained in the link he posted. http://blog.sucuri.net/2011/08/mass-infection-of-wordpress-sites-counter-wordpress-com.html

Thanks for the extra info dude.

2067 posts
  • Has collected 50+ items on Envato Market
  • Has been part of the Envato Community for over 5 years
  • Sells items exclusively on Envato Market
  • Located in United States
Landonw
says

Ah – I didn’t notice it because TF links aren’t underlined and the green looks a bit like the black on my screen – sorry about that.

My client’s site wasn’t infected, and I was able to update timthumb.php quickly.

548 posts
  • Has been part of the Envato Community for over 5 years
  • Has referred 1+ members
  • Has collected 100+ items on Envato Market
  • Located in United States
tonvie
says

Thanks for the tip. Done all the updates. I’m still not clear on how to know if you’ve been infected though.

386 posts
  • Has been part of the Envato Community for over 6 years
  • Has collected 500+ items on Envato Market
  • Located in United Kingdom
kops
says

I got hit on one of my sites – the best way is to check your wp-config and see, at the end, if it has 100s of lines of whitespace, 30 lines of inserted code and another 100 or so lines of whitespace.

548 posts
  • Has been part of the Envato Community for over 5 years
  • Has referred 1+ members
  • Has collected 100+ items on Envato Market
  • Located in United States
tonvie
says

Thanks kops, checking now :)

275 posts
  • Had an item that was trending
  • Has referred 10+ members
  • Has sold $10,000+ on Envato Market
  • Has been part of the Envato Community for over 5 years
+2 more
Anjum
says

Thanks themeskingdom

I have updated script late night

3007 posts
  • Has been part of the Envato Community for over 5 years
  • Has referred 200+ members
  • Has sold $250,000+ on Envato Market
  • Had an item featured in an Envato Bundle
+8 more
duotive
says

Yeah… removed the infection for two customers who did not update the theme when we released the update… i presume there will be more to come!

by
by
by
by
by
by