Malware infections are spreading in WordPress that cleverly disguise themselves as common programs.

Characteristics of Malware

Malware up to now has been obfuscated and is a single line of code that is instantly recognizable as malware.

Example

However, this malware, which has been spreading recently, is often named RandomString.js.php and has the following code. (This is a screenshot, so it is safe.)

The above type of malware is not easily recognizable as malware at a glance, and is very cleverly made to look like general programming, with multiple lines, randomly changing comment content, and randomly changing code even though the functionality remains the same. This makes malware detection difficult with pattern matching and makes it a difficult type of malware to find even visually.

*But a closer look at the code reveals that the code and comments do not match at all.

return $linkcheck . '.' . $v_header_list; // There must exist an expired lock, clear it and re-gain it.

Also, this malware can be placed anywhere on the server.

How to find and remove the malware?

We try to detect this type of malware as much as possible with the latest malware detection patterns of the [Free] WordPress:Malware Scan & Security Plug-in [Malware and Virus Detection and Removal].

As new patterns are discovered, we are constantly registering new patterns to improve our detection.

Related Posts:

  1. Five types of malware embedded in WordPress
    Here are some of the types of malware embedded in WordPress that are common these days. If similar code is included in the site’s program, we suspect that WordPress has been hacked and tampered with....
  2. Example of backdoor to plant malware code in $_HEADERS in WordPress
    We will explain about the type of backdoor that puts the main body of malware code in $_HEADERS, which has been increasingly detected in recent years....
  3. It is dangerous to get rid of WordPress malware infected sites one by one!
    If you have multiple WordPress sites on multiple domains under a single contract, and it is clear that several of them are infected with malware (tampered with), it may be dangerous to repair them one by one....
  4. WordPress malware Random one-byte alphanumeric folders with large numbers of HTML files hosted illegally
    This article describes this type of tampering, as there have been an increasing number of cases in which WordPress has been hacked and a large number of malicious files have been hosted in random one-byte alphanumeric folders without permission....
  5. If you do not know where the malware infected malware is located or if you cannot find it
    This section explains what to do if you do not know the location of infected malware or if you cannot find it....
  6. Free WordPress:Best Malware Scan & Security Plug-in, made in Japan [Malware and Virus Detection and Removal].
    24-hour protection for your WordPress site. Plug-in that checks (detects and confirms) and removes defacement, hijacking, hacking, malware, backdoors, and virus infection of your WordPress site, and restores your WordPress site. Plug-in that checks and detects WordPress site code from patterns of malicious code (malware, viruses, defacement, hacking damage) ranging from patterns from sites restored by WordPress Doctor. WordPress Doctor...