How to Clean away.bettershitecolumn.com Malware - Magefix.com

Here is the latest cleanup guide for away.bettershitecolumn.com malware with updated content.
To add more valuable information to this article, please contact us.

Try our Free site check.

Follow these steps to recover from this hack:

Step 1

Backup

Before applying any fixes, perform a full account backup, including web files and database.

Step 2

Assess the malware impact

Find all the sites that share the same hosting account. If you have two or more websites, all are likely infected.

Step 3

Reviewing site components

Review each site carefully, making sure you’re running the latest site version. Preferably rebuild the core files, plugins, and themes offline.

Step 4

Analyze files left from the previous site version

Any PHP, JS or ICO files recovered from the previous site version should be manually reviewed.

Step 5

Check for backdoors

Attackers often install malicious backdoor files, to regain access. Also, unauthorized users with admin privileges are created. And less often, malicious cronjobs or PHP processes are running in the background, creating bad files. Look for backdoor files, users, cronjobs, PHP processes, and newly created email and FTP accounts.

Malicious domains: shar-pei.top, 0.trackspecialsdomain.com, 0.trackspecialdomain.com, di4.biz, browork3er.cc, groundflares.com, trackspecialdomain.com, groundflares.net, 0.groundflares.com, 0.goldflowerservice.com, silverlinetogther.net, cawanmyoropurka.gq, goldflowerservice.com, repappcloud.com, lukoil-promotion.online, bettershitecolumn.com.

Malicious URLs
https://away.bettershitecolumn.com/speak.php?q=1311&w=334-1166-567334-46
https://away.bettershitecolumn.com/fly.php
IPs: 185.177.94.108 ( DataWeb Global Group B.V. )

Linked malicious attack:
https://guides.magefix.com/2022/05/legendarytable-com/

Need help? Let us clean your site.