Wiki: pwiki.arkcls.com
We noticed that a new gzip file appeared in our Media area called Pwikiwiki.xml.gz on 1 April 2019 at 00:00. It appears to have been uploaded by a new user called "Maintenance script". This user was created on 1 March 2019 at 00:00. No one in our team here at ARK CLS is aware of either this user or the file. We suspect that it is malicious in some way. As this is a private wiki I'm surprised that a new user would have sufficient privileges to be able to upload a file.
I've also noticed other unusual users as follows:
"Delete page script"
"GDPRAccount"
I would be very grateful if someone in support team could comment. I would plan to delete the file and block these users.
Best regards
Adrian Bennetton