Recover from Anonymousfox WordPress Hack

Last updated: October 23 2020

If you recently noticed new email accounts created or suspicious FTP accounts, your hosting account is probably affected by anonymousfox hack.
Attackers exploit web files via WordPress and later edit .contactemail file, which helps them to re-gain cPanel access.
In order to sort this issue, there are several steps to take:

Need help? Let us clean your site.

Step 1
Restore cPanel access.
  • Go to cPanel > Contact Information and change primary and secondary email and restore Pushbullet token.
  • Remove all FTP accounts under FTP Accounts.
  • Remove all suspicious email accounts under Email Accounts.
Step 2
Perform a thorough malware cleanup.

Malicious users:

Try our Free site check.