JS.Small-C Trojan Horse
A reader inform me that my website has been hacked. It shouldn’t come as a surprise since my wordpress is not the latest version and the Internet is not exactly a ’safe’ place but then again, why of all the millions of websites must it be me?
Luckily my site is still accessible but the most frustrating part is that I had a hard time figuring the problem as my AVG scan is not showing any problems. After consulting with my my friend, I found out that Avast antivirus detects the problem. I finally manage to simulate the error message as shown in the picture above.
After searching the web for an answer, I found some clues to where the problem might lie -> http://forum.avast.com/index.php?topic=55017.0 The solution states to delete the particular malicious code from header.php but when I open directly from my ftp (I’m using fireftp in Firefox), the code cannot be found. I decided to check my backup which was done this morning and the malicious code can be found. I finally decided to login using cpanel, file explorer to open the header.php and successfully deleted the malicious code.
I’m not going to figure out why when I FTP the file, the code is missing. I will rather spend time changing all my passwords and preparing myself to upgrade my Wordpress.
On a final note, I must emphasis the importance of doing regularly backup especially for a lazy person like me who don’t update Wordpress. In the worst case scenario, you can still restore everything from your backup.
