Oh no! Your site has been hacked! The world now knows to avoid it like the plague and your audience is rapidly shrinking. Terrible news isn’t it? The first time you find out that one of your sites is hacked, a very sinking, horrible feeling comes into play. However, fear not! I’ve seen MANY, MANY websites hacked especially WordPress powered websites. The good news is that FIXING a website that has been hacked by many of WordPress targeted viruses is pretty easy. In this example we’ll learn how to remove “Mass Injection Website 5“
What is Mass Injection 5
According to Symantec, this piece of Malware “injects iframes into website that redirect users to exploit kit hosted sites when visited. These exploit kit sites hosts several different exploits that exploit different client-side vulnerabilities one by one.”
What Files Does it Target?
Okay. So let’s get started on removing this nasty little bug from your site. The first thing to know is WHERE to look. The Mass Injection Website 5 targets the following WordPress files
- index.php (on the site root)
- theme header.php files
These files are usually hacked because of an insecure .htaccess file and / or loosely set directory permissions.
Removing the Malware
Next we have to remove this. And believe it or not, that’s the EASY part.
- Download your ENTIRE site – Fear not, download a site with Mass Injection Website 5 will NOT harm your computer. Just don’t run the files in a web server.
- Find a file with the Malware in it.
- Copy the Malware string into your clipboard – Again, this will NOT harm your computer!
- Do a mass find / replace on the entire downloaded site – We use Dreamweaver to do this.
- Upload the affected (and now cleaned) files back to your web server.
Bottom line is that since WordPress is the world’s most popular piece of web software, the bad guys out have nothing better to do than make good guys like us lives’ harder. Because of the rising threat to WordPress based sites, every self hosted WordPress installation should use security plugins. Currently we use Better WP Security on all of our live production WordPress websites. This has helped us fend off tens of thousands of attacks on our sites and let’s everyone rest easy that their digital assets are protected.