The eval(base64_decode) virus attack in wordpress

Last day, it came into my notice that our FOSS website, foss.amrita.ac.in gets redirected to some .uk malicious websites, when external links were clicked from websites like Facebook, Google. I was going through the wp-admin->Edit Theme files and it came to my notice that the entire files were infected by a virus which encoded some php code in base_64 encryption.

snapshot3
Continue reading