Malware in Cyberpanel Log error TXT


Using imunify360 over cyberpanel instalation

November 17, 2022 11:50 AM insert_drive_file cyberpanel
SMW-INJ-16178-js.spam.redi-2 Infected

Hello @lmilani Happy you are here

You have been infected by a js.spam.redi malware - SMW-INJ-16178-js.spam.redi-2 injected js redirection malware that comes from nulled themes, plugins that redirect users to spam sites and nefarious websites

This might take you some time to identify and stop it but if you are only running a single website start by taking that website offline and examine the code with an editor and lookup the following files:

  1. .htaccess
  2. all and any js files
  3. remove all the wordpress core files and delete them. Reinstall fresh copy
  4. all and any php files - wp-content/**
  5. check wp-config.php for possible backdoors that followed the injection etc.

The best approach is diff a backup of the website vs the currenct copy via an IDE like Jetbrains ides or vscode