Tag: backdoor

Security, Tutorials, WordPress

The one SQL query that catches almost every backdoor admin in WordPress

| by admin | Leave a Comment on The one SQL query that catches almost every backdoor admin in WordPress
Close-up of WordPress JavaScript source code displaying themes:update functions and wp.updates handlers — typical view when auditing WordPress code (photo: Markus Spiske / Pexels)

If a WordPress site of yours has been compromised — even briefly, even silently — there’s a very good chance it now has at least one administrator account that you didn’t create. Most WP malware families plant one as part …

Continue reading "The one SQL query that catches almost every backdoor admin in WordPress"
Security, Tutorials, WordPress

Detecting and cleaning the DOLLY WordPress mu-plugin backdoor

| by admin | Leave a Comment on Detecting and cleaning the DOLLY WordPress mu-plugin backdoor
Hooded figure with neon mask holding tablet displaying 'Uploading Virus' progress bar — visualizing the DOLLY WordPress mu-plugin backdoor exfiltrating credentials

Last week I cleaned a six-site WordPress compromise on one of my OpenLiteSpeed boxes. The most interesting payload was the “DOLLY” mu-plugin family — a credential-harvesting backdoor that hides itself with a few clever tricks and survives most casual cleanups …

Continue reading "Detecting and cleaning the DOLLY WordPress mu-plugin backdoor"