Basecamp Export

From the list: Dr. Edelman http://www.juliaedelmanmd.com/

✔ Site is Hacked - Check out breach

Hector M. added this on Mar 27, 2023
Completed Aug 01, 2023 by Alyssa W.

Assigned to: Hector M. Isaac K.
Notes: Isaac
It looks like the Russian & other international hackers have managed to get into this site's blog. Please take a look at the site as they have a few blogs which are spam.. See some below:

https://www.juliaedelmanmd.com/1win-app-in-india/
https://www.juliaedelmanmd.com/1xgames-skachat-na-android-zhelajuschim/
https://www.juliaedelmanmd.com/1xbet-ofitsialnyj-sajt-i-rabochee-zerkalo-prjamo-sejchas/
https://www.juliaedelmanmd.com/poznaj-ofert-legalnego-kasyna-online/

Thank you

Comments & Events

Isaac Klausnser

Hector

- OK. I am on it.

Mar 27, 2023 at 2:25 PM Notified 1 person

Isaac Klausnser

Hector

- I just checked and interestingly it's coming up as clean on most of the malware scanners and also all of the plugins and themes including wp-core files are already up to date.

I will create a support ticket with the WPengine team regarding this.

Mar 27, 2023 at 2:32 PM Notified 1 person

Isaac Klausnser

Hector

The WPengine team has confirmed. There is no malware script on the website. As per them since all these spam posts were created by the admin account username - edelmanmd. It could be that this user account got locally compromised. I have now reset the password for this admin account along with two others just to make sure and also deleted all the spam posts.

Below are the new credentials for the client's admin account.

Username: edelmanmd
Password: zZ9iuIoPOzzQBPns(5En3R2o

New password for our Medstar team admin account.

User: medstar
Password: Givemethanos123#@!

Please re-submit the sitemap and let me know if you still see any suspicious activity on the website.

Mar 27, 2023 at 5:33 PM Notified 1 person

Hector Mota, Operations Manager

Thank you for looking into this and implementing all of those changes Isaac.
I have resubmitted the sitemap and let Shane know to resubmit the ads approval.
I will update the spreadsheets.

Thanks.

image.png 29.1 KB • Download

Mar 28, 2023 at 6:54 PM Notified 1 person

Hector Mota, Operations Manager

Isaac

Shane says the ads got rejected by Google because they do not think the site is yet clean.
Can you please check to see why this is happening?

Mar 30, 2023 at 3:22 PM Notified 1 person

Isaac Klausnser

Hector

- As per both the hosting and their security company and the new firewall company that we have set up on this website. There is no malware on this website anymore. It's clean. Have we already tried saving the ads campaign?

Apr 04, 2023 at 1:01 PM Notified 1 person

Hector Mota, Operations Manager

Isaac

thank you for following up and letting me know about all the steps taken to secure this site.

Shane

I see the ads back on now so does this mean we are good to go?

Apr 05, 2023 at 4:09 PM Notified 2 people

Shane Quast

Ads are still suspended.

Apr 05, 2023 at 5:58 PM Notified 2 people

Hector Mota, Operations Manager

So what do we do then

Shane

? Or better yet, what can we do?

Apr 10, 2023 at 12:41 PM Notified 2 people

Shane Quast

We either need to wait, or bring it a specialist to make sure the hack is fully resolved.

Apr 10, 2023 at 8:02 PM Notified 2 people

Hector Mota, Operations Manager

Isaac is our specialist. And he said that as per both the hosting and their security company and the new firewall company that we have set up on this website, there is no malware on this website anymore. It's clean.

Apr 12, 2023 at 7:13 PM Notified 2 people

Alyssa Workman

Isaac

can this be closed?

Aug 01, 2023 at 6:17 AM Notified 3 people

Isaac Klausnser

Alyssa

- Yes. Please. Thank you.

Aug 01, 2023 at 6:34 AM Notified 3 people

Alyssa Workman completed this to-do.

Aug 01, 2023 at 6:43 AM