Upon waking up this morning, I discovered that someone had added themselves as an owner to this site on Google Webmaster Tools.
Upon further investigation, I discovered that a file HAD been uploaded as verification. Not only that, but the index.php file had been modified with what could’ve been a backdoor.
The attacker had also uploaded a .htaccess file which provided access to that backdoor (although that wouldn’t have worked as I solely use nginx).
I’ve tried investigating further, but I couldn’t see how they had copied the files… Anyhow, I’ve completely reinstalled wordpress, and I’ll be keeping a close eye out for issues.
Liam 25th July 2017
Posted In: Site Updates