If your website is affected by this type of malware, do the following:
Try our Free site check.
- Perform a backup for the main website on the server – including web files and database. Then check all your other sites and perform backup for each.
- Disable public access to prevent further data loss, blacklists and Google penalties.
- Clean the sites following our last guide, or purchase a cleanup plan;
Signs that indicate your website may have been hacked:
Suspicious redirects: If your website starts redirecting visitors to other websites or pages that you didn’t intend, it could be a sign of a hack.
Unauthorized access: If you notice new user accounts that you didn’t create or if your own login credentials are no longer working, it could be a sign that a hacker has gained unauthorized access to your website.
Google warnings: If your website suddenly displays a warning from Google that it may be unsafe, it could be because it has been compromised by a hacker.
Malicious software: If your website visitors report that their antivirus software is detecting malware or viruses on your website, it could be because a hacker has injected malicious code into your website.
If you suspect that your website has been hacked, it’s important to take immediate action to address the issue and protect your website and its visitors.
Infected files: index.php, wp-reset.php, wp-includes/js/, wp-includes/functions.php, and other JS files related to jQuery.
Bad IPs: 220.127.116.11, 18.104.22.168
Need help? Let us clean your site.