Just had this alert appear
Trojan:JS/Foretype.A!ml
Alert level: Severe
Date 01/12/2020 14:23
Category: Trojan
Details: This program is dangerous and executes commands from an attacker.
Affected items
\woocommerce-admin\dist\data\index.min.js
Any ideas why this might alert my AV?
A redirect virus has taken over my site and is infecting all of my site visitors. It redirects you to a page that seems like it needs you to verify that you are not a robot by clicking “allow” when really you are giving it permission to spam you.
With an ad blocker I can see the site, but when I log in and try to go to my dashboard (or any other pages) it says there is a web error.
None of the forums have been able to help and there is no support line or chat at wordpress, which is frustrating because this is an immediate issue.
WARNING: This plugin uses redirects via caching to send visitors to ads.
Do NOT USE till it is sorted out.
I’m interested in your plugin, however when I went to your demo site my web anti-virus detected and blocked what it believes is a Trojan. Is this an issue with the demo site itself or the plugin?
Name: Trojan-Downloader.JS.Agent.oms
Precision: Exactly
Threat level: High
Object type: File
Object name: country-select.min.js?ver=5.1.0
Object path: https://demo.flycart.org/woo-discount-rules/demo1619700111/wp-content/plugins/woocommerce/assets/js/frontend
MD5: 20C744DF0572B693CD5ABC0D9B200996`
The homepage of one of my customers was completely out of control after a malware attack that set a redirection to awkward websites. I tested several malware removal plugins and MalCare was the only one that was able to identify and repair the corrupted file (footer.php of the Avada theme).
I installed this theme and once i tired to check the demos it completely broke my site and all the other websites also get down. cPanel is also not opening after installing this theme..
100% hijacked to inject a virus into your site. Do not download.
I created an account just to post this. I’ve been using this plugin since 2013 when the original author Bangbay Siboliban was still apart of maintaining it. This plugin only did one thing, and it did that one thing very well. Sadly, the new authors changed the original intent of this plugin and forced 400,000 users into using their new bloatware. This is a total bait and switch that none of us wants and should be against the TOS.
As a developer myself, I have no idea how this was ok’d. You should create a new plugin if you want to make something that goes against the original intent, or have the new features as an addon. This is borderline website hijacking.
Hello, I am seeing some logs that I do not understand much, such as the following, I use the version of wordpres 5.0.4, I have downloaded it and the file that shows the plugin as suspicious does not appear, I understand that the wp-include folder is not modify, then I think it could be a malicious code ??? thanks in advance and sorry for my english…
Severity: enSuspiciousThreatType
File: wp-includes/blocks/tag-cloud.php
File signature: f7be43fc98f7578936d51a63c06fb130
Threat signature: f7be43fc98f7578936d51a63c06fb130
Threat name: Heur.AlienFile.gen
Threat: Unknown file in core
Details: Detected unknown file in core directory`
Hi,
Wordfence alerted me of a security issue with profilepress 3.1. So I updated the plugin, but all of a sudden I found that an unknown administrator was added to my website.
Now, could that be something that has was a vulnerability of profilepress 3.1? I am just trying to understand how this could have happened and I am hoping for an honest answer.
Thanks
Please see this video
Its a 14 seconds video which explained my sites issues.
When i open my sites , it is being redirected to another link.
Hosting guys says its due to ‘corrupt .htaccess file and SQL injections etc.’
Hosting is namecheap.
This has been happening with all of my websites again and again in last month. I have 15 sites and this issue has happened with my sites many times.
I ran scanner many times, read reports and cleared my cpanel many times, one by one.. But still i don’t know how the hell this issue is happening ?
Every time I have to come to hosting support and they do something like disbale htacess file or restore default file and they fix one site,. And meanwhile fixing this , another site breaks down.
SO My question is
Can your plugin stop this ?
Stop these issues or stop breaking my sites again and again ???
Please reply me with your expertise and advice
Thank you!!!
Its a 14 seconds video which explained my sites issues.
When i open my sites , it is being redirected to another link.
Hosting guys says its due to ‘corrupt .htaccess file and SQL injections etc.’
Hosting is namecheap.
This has been happening with all of my websites again and again in last month. I have 15 sites and this issue has happened with my sites many times.
I ran scanner many times, read reports and cleared my cpanel many times, one by one.. But still i don’t know how the hell this issue is happening ?
Every time I have to come to hosting support and they do something like disbale htacess file or restore default file and they fix one site,. And meanwhile fixing this , another site breaks down.
SO My question is
Can your plugin stop this ?
Stop these issues or stop breaking my sites again and again ???
Please reply me with your expertise and advice
Thank you!!!
Hello,
In connection with the fact that one site has recently been infected with malware, I want to ask about some antivirus (plugin).
I don’t need anything complicated, all it takes is free, compatible with the latest version of wordpress and doesn’t put too much strain on the system.
Please help
Thank you
bu eklenti kurulduktan sonra, alan adı siteyi virüslü bir siteye yönlendiriyor.
eklentiyi kaldırınca, sorun düzeliyor.
Once this plugin is installed, the domain redirects the site to an infected site.
Uninstalling the plugin fixes the problem.
best regards..
W3-cache folder Automatically appear on wp-content/uploads. If i deleted the folder it comes again. I do not know how the folder appear.
Note: i deleted w3 total cache plugin.
why W3-cache folder Automatically appear on wp-content/uploads. If i deleted the folder it comes again. I do not know how the folder appear.
Note: i deleted w3 total cache plugin.
I was interested in purchasing this plug in for a project. Watched the videos and it seemed to have everything I needed. When I went to go click to buy, from here, and on their own website it gets blocked by Malwarebytes Browser Guard saying it’s a Phishing website and may contain malware. It sends me to 1.envato.market on both sites.
There is simply no way that I can find to talk to anyone from armember on their website to bring it up, and I’m not going to blindly follow a link flagged as a possible phishing and malware activity.
I saw two files named ziBGDO3G and ziZMf8SN .
One is 55mb while the other is 37mb. I couldn’t find anything on google search concerning the two files. IS this a virsu?
My buddy just noticed that the admin email was changed for many sites (but not all) within his network. The new email address was random characters at some strange domain.
Our host ran a scan and found no malware.
We ran a “maximum sensitivity” Word Fence scan and found no issues.
What would you suggest doing at this point? Do I trust the clean scan?
Have you heard of just the admin email being changed? What would the purpose of this be?
Thank you!
I got hacked using this plugin