# Website hack



## MrGrumpy (13 Jan 2022)

My wife has a Wordpress website for her business however it’s come to our attention that it was hacked. They have been using it to send out spam emails. Anyone recommend a good malware remover ? We think they have gone in via some out of date plugins . Lesson learned etc . Removed the unneeded plugins and updated the others.


----------



## IaninSheffield (13 Jan 2022)

Might this help? https://wpmunk.com/wordpress-spam-email-problem-solved/


----------



## MrGrumpy (13 Jan 2022)

Yep Malcare found stuff but I was hoping for a cheaper alternative.  . Will pay just they wanted $299 a year for the pro version to clean it properly ! Seems a tad steep !


----------



## Darius_Jedburgh (13 Jan 2022)

Try these..
https://www.malwarebytes.com/


----------



## Ming the Merciless (13 Jan 2022)

Restore it from a recent backup to start. Do you know when it got hacked?


----------



## MrGrumpy (13 Jan 2022)

Darius_Jedburgh said:


> Try these..
> https://www.malwarebytes.com/


That’s for devices , that’s not the issue it’s her website . I’ll keep looking , may have found something else that will work for a small donation.


----------



## MrGrumpy (13 Jan 2022)

Ming the Merciless said:


> Restore it from a recent backup to start. Do you know when it got hacked?


No idea to be fair , it’s when she starts seeing spam emails being sent from her account. Looking at things now in detail !


----------



## Ming the Merciless (13 Jan 2022)

MrGrumpy said:


> No idea to be fair , it’s when she starts seeing spam emails being sent from her account. Looking at things now in detail !



Surprised her email is hosted on same server as website to be honest. Most email is hosted separately.


----------



## GeekDadZoid (13 Jan 2022)

Ming the Merciless said:


> Surprised her email is hosted on same server as website to be honest. Most email is hosted separately.



Possibly not that the server is on it, just that the site has the ability to send emails, wordpress has that natively which is what is often exploited. 

Normally these issues are either caused by password cracking or an exploited plugin.

I would recommend Wordfence as an initial option and see what the free version finds.

Update all passwords to all the account and also make sure there are no new accounts. 

Check if there are any new pages that should not be there.

Check the plugins are the ones you expect. 

If you want to send the URL or some screen shots on PM happy to have a look.


----------

