Hello,
My website was recently hacked with:
The issue type is: backdoor:PGP/yzep
Description: A backdoor known as yzep
I have been able to remove the malware from most of the website. I can get it back up and running. But as soon as I click on the contact page, it automatically re-installs some of the malware files. Also I found the code in my child theme’s functions.php file. Now the problem is that I am not a developer/coder. I do not know what the functions.php looked like before the malware was put in there.
It starts like so: <?php $QOFyfujO=”agjMdfRAsyoSUXEK
and ends like so: “)));$oEGscGrjQO();?>
There isn’t any legitimate code on there whatsoever (unlike the functions.php in the parent theme).
Any pointers would be greatly appreciated!
I do not want to share the website link as long as it’s hacked.
Thanks,
Ashish
