User 123@abc.com, which you don’t remember creating in WordPress, is an admin user that hackers add illegally.


Hackers create unauthorized users on WordPress

WordPress administrator privileges are powerful privileges that allow you to edit, add, and even delete any file on the server, including adding plugins on the server.

Therefore, hackers can take advantage of vulnerabilities to create backdoors into the site and create users with unauthorized administrator privileges on WordPress.

Reference
Percentage of WordPress sites that are hacked

User 123@abc.com, which you don’t remember creating in WordPress

User 123@abc.com, which you don’t remember creating in WordPress, is an admin user that hackers add illegally.

Other unauthorized administrator users often have the following characteristics

・Creation of zero posts or fixed pages
・Random and meaningless string of user IDs
・Email address from a completely unrelated domain, or an email address containing a random and meaningless string of characters

Countermeasures

If there are user 123@abc.com, this user is an administrator user that hackers produce illegally. We recommend that you delete this user if it exists.
(We recommend that you back up your database when deleting the user.)

It is also possible that files on WordPress have already been modified by the unauthorized user.
For this reason, we recommend that all sites on the server be scanned for malware and removed.

Reference
If no WordPress malware is found, where is the malware hidden?
What to do if multiple (or all) sites on a single server are infected with malware

Free WordPress:Malware Scan & Security Plug-in [Malware and Virus Detection and Removal].

Our experienced technicians will take care of WordPress WordPress malware removal and security measures on your behalf. Please feel free to send us your request or consultation.

Related Posts:

  1. IDs, email addresses of unauthorized users of WordPress
    One of the methods of WordPress hacking is for hackers to manipulate the database and add unauthorized users without permission. We recommend that you regularly check your WordPress account to ensure that no unauthorized users have been added to your account....
  2. Is it dangerous to install PHPMYADMIN in the same folder as WordPress?
    phpMyAdmin is a widely used database management system that allows you to view your database and make all possible edits and modifications in your browser, but it can cause security problems if it is installed in the folder where WordPress is installed. We will explain the reasons for this....
  3. What is a WordPress injection attack?
    There are various methods by which WordPress can be hacked, the most common of which is called an injection attack. This section describes these injection attacks....
  4. Reasons for repeated hacker defacement and malware infection on WordPress sites
    Once a WordPress site has been defaced by hackers, embedded malware, or infected with a virus, the site may be repeatedly defaced even after you think you have removed the malware. We will explain how to deal with such cases....
  5. Check regularly for unauthorized users added to WordPress!
    This section describes the defacing of a WordPress site by adding an unauthorized user....
  6. WordPress, dealing with spam indexing, where pages you don’t remember creating get caught in search results.
    We will explain how to deal with spam indexing, a common symptom of recent WordPress tampering, in which pages that you do not remember creating are caught in the search results....