![[FCO]FreeCoursesOnline](https://onehack.us/uploads/default/original/3X/b/4/b4d2fc8468becec1e9976784dba394e5a378ec81.jpg){kind=small}
Hi, i found i a file in my core wordpress installation which recreate after i delete that.No matter how many times i delete that.And by googling i found that this file related to JSON Web Token (JWT), which can be used by hackers to gain access.as i can not delete that file i assume it is malicious…i talked to the siteground support and they said they have nothing to do.There are lot of hackers there, i hope you guys can help with the removal.The file is located in wp-admin.
File name: e9e6c70243f58b4144b87db4e3541ed9
File-content: https://docs.google.com/document/d/1yYvS_HOpR_XFHJBYssbBeARK7wqLH7BgPh-S120oDNE/edit?usp=sharing
You may find these helpful:
- https://medium.com/101-writeups/hacking-json-web-token-jwt-233fe6c862e6
- https://habr.com/en/post/450054/
Thank you