First of all sorry if this question doesn’t seems to be fit on this platform. I am confused itself. (Please let me know if it related to other platform, i will post there).
I got a client website (WordPress) and he said that his site is hacked and when he open any website link it’s redirected to different unwanted links and website never opened.we need to remove all the malware code and make site working.
So i have uploaded multiple malware scanning plugin and scan the whole
public_hhtml folder (with help of plugin as well as some sort of manually checking each and every folders all files). Now i got this:-
Code is added almost in all js file of that WordPress website. (it’s all about 600 files because it’s a shared hosting and having more than 10 big projects there).
Now i have below questions:-
1.How this code added to all js files (Manually doing into 600 files is not a logical answer)?
2.What is the functionality of this code? (what it is going to do)?
3.How does some-one get access of this much files?(Client says that he never share any details to any-one)
I tried to decode this code (base64_decode) but unable to find out anything useful.
When i removed this code from all files ,sites started working properly.
Please let me know if any other details are required.Thanks