How to fix a WordPress website hacked by "zend_framework" malware

Posted on Sat 22 June 2013 in HowTo, Linux, Sicurezza, Ubuntu (EN), WordPress

I admit. This website, like thousands of others, has been hacked! I still have to identify the precise source of the attack, but I've found out that is very common. I was able to discover about the attack just because the dashboard of WordPress stopped working. I decided to investigate and I found this strind on top of every .php file

Just googling I discovered that I was not alone

How to fix this?

The best solution would be to restore the files with a valid backup, but sometimes this is not possible. Here comes an handy bash solution (note: you need to be able to access your hosting with a SSH shell to execute this command):