HI All. I hope this is the right forum. I volunteer to manage a wordpress website for a fire department (I'm no expert). Today I found out that my index.php fille had been changed and an admin account had been created with the name Solevisible. the wp-admin.php file was also changed at 2am my time. At the top of the wp-admin.php file is
/*
Author: Solevisible/Alfa-Team
Telegram: https://telegram.me/solevisible
YouTube: https://youtube.com/solevisible
Gmail: [email protected]
Date: Monday, September 14, 2020
*/
Although I don't know what was changed in that file. The site seems to function correctly. Is this malware? if so how do I fix it? Many thanks
You have been hacked. This Dam Alfa thing they always try to prove my site. Once you clean your site, I can send you code snippets to lock if down.
I highly recommend having a pro fix your site, because it is not even that easy for experts to discover everything and install wordfence and do a scan