Malicious redirects

I noticed that my site’s shared link is doing a conditional redirect to the URL *, I did some digging and it was a php hack (and most likely) from a plugin or a free theme you downloaded through the admin page. The hack was done with something like this: eval(base64_decode(“DQplcnJvcl9RpbmcoMCk7DQokcWF6cGxt…(snipped a bit)…mlnbm9yZWxpc3QuYeGl0KCk7DQp9Cn0NCn0NCn0NCn0=”)); Start by checking for “eval(base64_decode” your files then the common files […]

Read More