1-888-310-4540 (main) / 1-888-707-6150 (support) info@spkaa.com
Select Page

3-Step Fix for your rr.nu WordPress Virus Outbreak

Written by SPK Blog Post
Published on March 9, 2012

Symptoms of the rr.nu WordPress Virus:

WordPress-based websites infected with the virus are redirecting visitors to a fake virus-scan website. The URL looks like http://*.rr.nu.

When you check the files on your server, the following line is inserted into your .php files, such as wp-config.php:

<?php /**/ eval(base64_decode("aWYoZnVuY3Rpb25fZXhpc3RzKCdvYl9zdGFydCcpJiYhaXNz


Remove all instances of the offending code. The problem is it typically requires finding and editing 300 files; most websites will tell you to delete your entire WordPress installation and reinstall, but here are instructions on removing the malware without reinstalling each plug-in:

    1. CHANGE YOUR PASSWORD. Change all your passwords, everywhere. Your website was compromised because your password failed.
    2. BACKUP YOUR DATA. Make a copy of your entire website and keep it locally – better safe than sorry!
    3. RUN THE SCRIPT. Attached is a BASH script that will fix the problem. You’ll want to put it in your WordPress directory, mark it as executable, then run it. Click here to download the remove-rr-nu-virus.sh script.
    4. (Alternately, instead of downloading the script you can go to your WordPress install directory and paste this paragraph into a relatively large, single line of executable code into the console. Note that it’s multiple lines here, but needs to be executed as a single line in Linux.)
for file in $(grep -Hlr "aWYoZnVuY3Rpb25fZXhpc3RzKCdvYl9zdGFydCcp
BnZX" .); do sed -e "s/));?>/));?>\n/g" $file | sed -e "/aWYoZnVu
MoJ21yb2JoJykpeyAgICBmdW5jdGlvbiBnZX/d" > $file.temp; mv $file.te
mp $file; echo Fixed infected file $file; done

There’s no problem that can’t be solved – it’s just a matter of having the right resources and knowing where to find the best answers!  If you believe your wordpress website has been hacked, and if the above seems like Greek to you, send us an email at support@spkaa.com and we can help you get your website back under your own control!

Latest White Papers

Excellence in Automotive Software Engineering eBook

Excellence in Automotive Software Engineering eBook

ALM tooling, when implemented correctly, can support automotive software engineering, Agile transformation journeys and linking requirements to business strategy, encouraging collaboration. Additionally, it can be helpful for providing an overview of QA and testing...

Related Resources

4 Advantages of SolidWorks Cloud PDM (Updated 2023)

4 Advantages of SolidWorks Cloud PDM (Updated 2023)

Considering the leap to cloud-based CAD and PDM solutions? A move to platforms like SolidWorks 3D CAD in the cloud paves the way for unmatched flexibility. Imagine accessing intricate engineering data from anywhere at any time. And, the benefits don’t end there. In...

GitLab and DevSecOps For Solid Software Development

GitLab and DevSecOps For Solid Software Development

Staying competitive requires more than just code and creativity. In fact, it demands way more. For example, a strategic approach to streamline development, ensure security, and foster collaboration. Two methodologies emerged to address these needs: DevOps and...