How to Fix Silence is Golden Website Hack?

How to Fix Silence is Golden Website Hack – This is one of the olden day hacking method. Normally, Silence is golden is all within the index file. Just an empty file with no code and a comment on a single line saying “Silence is golden.” But wait, for no reason whatsoever, there must be some explanation why this file is empty? The answer to that is safety. This will also involve a bad server configured to display the file directories!

Using the.htacess or server setup, you can turn the listing of directories off.

How to Fix Silence is Golden Website Hack – A Very Old Malware

Today, in WordPress installations, we have found very old malware that activated and alarmed. Timing is the year 2015 and ends with the following files in 2016:

/wp-admin/includes/index.php: {HEX}Malware UNOFFICIAL FOUND
/wp-admin/maint/index.php: {HEX}Malware UNOFFICIAL FOUND
/wp-content/index.php: {HEX}Malware UNOFFICIAL FOUND
/wp-content/plugins/index.php: {HEX}Malware UNOFFICIAL FOUND
/wp-content/themes/index.php: {HEX}Malware UNOFFICIAL FOUND
/wp-content/uploads/index.php: {HEX}Malware UNOFFICIAL FOUND
/wp-includes/pomo/index.php: {HEX}Malware UNOFFICIAL FOUND
/wp-includes/Text/index.php: {HEX}Malware UNOFFICIAL FOUND

One of our client request: 

Last week one of my website (Silence is Golden Website Hack) has been hacked or infected. After experiencing some odd behavior of a directory panel, I felt that each index.php file of the directory was affected (these are usually kinds of “defaced” files in WordPress and unfortunately, this was!

The following code line was contained in every index.php in my wordpress directory, (and nothing else – everything else was wiped):

// Silence is golden.

The admin side of the web is still working and the front end appears okay. I have reviewed the files for index.php again and still contain the above ‘golden silence’ code line.

How is this possible? I have directly got the files from a fresh WordPress installation …? Nor did I enable the plugins … This cannot be my plugins because I have used the same set of plugins and kept them up to date without issues for 2 years.

In database tables, however, there is something fishy … Among all the wp tables, I found a table named fssstats … I was wondering if my index.php files could be infected by a sql injection?

In an attempt to ftp individual index.php files, I also extracted the WordPress installer package into your local HDD but checked the newly unpacked WordPress folders for interest … I found they were also ——

Here are the steps he has taken in an attempt to fix it:

  1. deactivated all my plugins
  2. uninstalled a theme I recently installed (and completely removed it)
  3. Backed up my database tables (.sql file)
  4. backed up my plugins and images folders
  5. Wiped everything off the server
  6. Re-installed wordpress & uploaded backups
  7. Imported sql database tables

But, it doesn’t worked.

We use our WAF and certified expert to clean hacked website which can remove any malware.