Jump to content

Xrggs Folder Appeared In My Account


Recommended Posts

Hi folks, in one of my accounts I have discovered a folder called xrggs, appears to have been created on Dec 2, 2009.


The folder contains a php script, qeu.php, which I can't quite tell what it's meant to do. It contains several functions that use fwrite() fopen() pregreplace, mkdir... appears to be a hack. I have removed the folder from my account. I'm just curious what others experience might be. I run a wordpress blog on this account - the site still works fine, but this attempted hack is cause for some concern.


Google search for "xrggs" and wordpress doesn't turn up anything. Just a search for xrggs folder doesn't get anything either. Very strange!

Link to comment
Share on other sites

Unless you haven´t added any extensions to wordpress near that date that would have added this folder, I would open a ticket with the help desk and ask them to see if the account have been comprimised etc.


Also, make sure that you have the latest and secure versions of wordpress and all the extensions.


After that, change all passwords (cpanel, databases and so on).

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...