We suffered a trojan attack recently on themes in our Wordpress hosting account. Here were the findings:
httpdocs-hacked/wp-content/themes/twentytwelve/404.php: {HEX}php.nested.bf404.538.UNOFFICIAL
FOUND
httpdocs-hacked/wp-content/themes/twentytwelve/alsa-sound.so:
Unix.Trojan.Roopre FOUND
httpdocs-hacked/wp-content/themes/twentyfourteen/404.php:
{HEX}php.nested.bf404.538.UNOFFICIAL FOUND
After a lot of headache we’ve thankfully managed to restore the Wordpress website. We have deleted the above themes completely as they were not being used anyway. Alongside ensuring that Wordpress, the remaining theme and all plugins are regularly updated to the latest versions, what else can we can do to reduce the chances of this occurring again please?
For example, are there any read/write amends we can do to the theme folders / files?
Thank you.