Lightning-fast WordPress on Nginx

malware files inside /wp-content/updraft/emptydir/ seems to be trend

This topic is empty.

Viewing 8 posts - 1 through 8 (of 8 total)

Author

Posts
February 15, 2024 at 11:45 am #12194

Ethan
Guest

Saw this on a client site:

/wp-content/updraft/emptydir/admin.php full of malware code, what is this folder created by Updraft doing anyways? and why so easy to add malware inside that folder.

February 15, 2024 at 11:46 am #12195

Christina
Guest

Backup is placed in FTP

why is this folder installed by Updraft? they don’t say.

February 15, 2024 at 11:47 am #12196

Scott
Guest

Damn. Is Updraft getting exploited?

February 15, 2024 at 11:47 am #12197

Jose
Guest

Not the first time. Been happening for a few years at least:

Recovering from a WordPress Plugin Exploit

February 15, 2024 at 11:47 am #12198

Albert
Guest

We’ll also extract and copy the public_html/index.php file from the old backup to the server, because the existing one looks weird (it contains a PHP @include directive to include the file /home/username/public_html/wp-content/updraft/emptydir/.684f3ddd.ico using some octal escapes (\nnn) to unnecessarily (they were standard ASCII characters) specify some of the characters in the file name.

February 15, 2024 at 11:48 am #12199

Michelle
Guest

Some shady results on Google serps also infected

https://www.google.com/search?q=%22updraft%2Femptydir%22

February 15, 2024 at 11:49 am #12200

Christian
Guest

weird.

February 15, 2024 at 5:19 pm #12214

Kevin
Guest

is this Updraft’s fault? or some permissions thing that is allowing malware to put files in there as a convenient location sort of like the /wp-content/upgrade/ folder or something???
Author

Posts

Viewing 8 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic.

© 2024 SlickStack. All rights reserved. Powered by HoverCraft.