Security issues created to WordPress installation

Received this warning in Google Chrome last night when I tried to open my website built in WordPress.

Warning: Something's Not Right Here! contains malware. Your computer might catch a virus if you visit this site.

I immediately tried some anti-virus and security plugins and found a reference to some unfamiliar files on my server. (I still wonder how these files were placed on my server.) The scan results showed a reference to an unfamiliar file named wp-includes/wp-var.php. The PHP file ran an eval() script as shown below:

if (isset($_POST['wp-load'])) {

I visited Google Webmaster Tool for more information and found 4 references to URLs with malware. Here’s one:

Obviously, the wp-count.php was another PHP file created to support the malware. I did another manual comparison on WordPress files and found more non-WordPress files having eval() and unfriendly PHP code in them.
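The manual comparison described above can be scripted. The following is an added example, not code from the original post: it flags PHP files under wp-includes or wp-admin that are missing from a known-good manifest, and any PHP file that calls eval(). The manifest set, the function names and the sample tree are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Heuristics (assumptions, not a complete signature set): an eval() call and
# direct use of request superglobals, the combination reported in wp-var.php.
EVAL_RE = re.compile(rb"\beval\s*\(", re.IGNORECASE)
INPUT_RE = re.compile(rb"\$_(POST|GET|REQUEST|COOKIE)\b")

def scan(root, known_core):
    """Return {relative_path: [reasons]} for suspicious PHP files under root.

    known_core: set of relative paths shipped with the installed WordPress
    release (hypothetical manifest, e.g. built from a clean download).
    """
    findings = {}
    root = Path(root)
    for path in sorted(root.rglob("*.php")):
        rel = path.relative_to(root).as_posix()
        reasons = []
        # Core directories should hold only files from the release itself.
        if rel.split("/")[0] in ("wp-includes", "wp-admin") and rel not in known_core:
            reasons.append("not in core manifest")
        data = path.read_bytes()
        if EVAL_RE.search(data):
            reasons.append("eval() with request input" if INPUT_RE.search(data) else "eval()")
        if reasons:
            findings[rel] = reasons
    return findings

def demo():
    """Build a constructed sample tree and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        inc = Path(tmp, "wp-includes")
        inc.mkdir()
        (inc / "version.php").write_text("<?php $wp_version = '0.0-sample';\n")
        # Constructed stand-in for the planted file; the eval body is empty.
        (inc / "wp-var.php").write_text(
            "<?php\nif (isset($_POST['wp-load'])) {\n    eval('');\n}\n")
        return scan(tmp, known_core={"wp-includes/version.php"})

if __name__ == "__main__":
    for rel, reasons in demo().items():
        print(rel, "->", ", ".join(reasons))
```

An eval() hit on its own is only a lead to review, since some legitimate plugins and themes also call it; a file in a core directory that the manifest does not list is the stronger signal.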

I thought this information may be helpful for someone trying to remove a similar malware infection and code injection breaches.

Complete list of malware files found on my server:

Some helpful Security, Antivirus and Scanning plugins for WordPress:

Wordfence Security (it fixed all my issues)
Better WP Security
WP Security Scan

I am submitting a review request to Google right now. Let’s hope everything is fine now.
