According to Sucuri, WordPress administrators who have been hacked should strongly consider taking the following steps to eradicate the intruders and infections:
- Log in to the administrative panel and remove any unfamiliar admin users (the first step after the attackers get in is to add a new user).
- Change all passwords for all admin users (and make sure all legitimate accounts are protected with strong passwords this time!)
- Update the secret keys inside WordPress, otherwise any rogue admin user can remain logged in.
===> Reinstall WordPress from scratch or revert to a known, safe backup. <===
According to Sucuri, WordPress administrators who have been hacked should strongly consider taking the following steps to eradicate the intruders and infections:
- Log in to the administrative panel and remove any unfamiliar admin users (the first step after the attackers get in is to add a new user).
- Change all passwords for all admin users (and make sure all legitimate accounts are protected with strong passwords this time!)
- Update the secret keys inside WordPress, otherwise any rogue admin user can remain logged in.
- Reinstall WordPress from scratch or revert to a known, safe backup.
Check also:
- http://www.scoop.it/t/wordpress-annotum-for-education-science-journal-publishing?tag=WordPress