Premium WordPress Theme AVADA hacked and infected with malware

Wordpress
Wordpress

WordPress Theme Avada infected by malware?

Today I had another case where a client's WordPress site was hacked. The hoster sent a list of files that contain malicious code. Noticeable here: All bad files are in the directory of the [Wordpress Theme-> wordpress-themes] "Avada":

  • /wp-content/themes/Avada/framework/plugins/LayerSlider/layerslider.php
  • /wp-content/themes/Avada/wp-conf.php
  • /wp-content/themes/Avada/atom-conf.php
  • /wp-content/themes/Avada/.cached
  • /wp-content/themes/Avada/bruteforceng.so

I am particularly concerned about the file "bruteforceng.so", because it is a Unix library that obviously aims to hack something using [Bruteforce-Attacke-> bruteforce]. It may be that other servers are also to be attacked, but I couldn't get more details from the file.

A look at the styles.css in the Avada directory tells me that it is version 3.1.1 of the WordPress theme. We will now import the current theme version again, but I think that version 3.1.1 has a security hole somewhere, because it is remarkable that the malware is concentrated on the Avada directory.

But I am happy to pass on the development in this case. We are currently waiting for the hosting to be reactivated by Host-Europe. There domains with malicious code are immediately blocked and you have to remove the malware and write to support before the hosting is reactivated.

-

Did you like the article and did the instructions on the blog help you? Then I would be happy if you the blog via a Steady Membership or at Patreon would support.

Leave a Comment

Your e-mail address will not be published.