Confirmation on Malicious code

  • Resolved ontheroad

    (@ontheroad)


    4 years, 3 months ago

    Hi there,

    This is a great plugin!

    I recently did a malware scan with Quttera Web Malware Scanner for WordPress (Plugin version 3.3.4.32)

    It came up with this

    Severity: enMaliciousThreatType
    File: wp-content/plugins/really-simple-ssl/class-admin.php
    File signature: 8a5d8389fa53dfbfe93a554e114a2794
    Threat signature: 65eaa6bd33bc69eda57e2f39f0ea453b
    Threat name: Trojan.PHP.Dropper.gen.14c
    Threat: <?php defined(‘A
    Details: Malicious PHP dropper

    Could you please explain why this is being picked up as potential Malware?

    Again, I do think this is a great plugin and suspect this is a false positive, but I’d just like to know if this file is part of RSSSL or not or a false positive, if it is the latter then it might be worth letting the folks at Quttera know too.

Viewing 5 replies - 1 through 5 (of 5 total)

  • Hello @ontheroad,

    Can you please share if that detection occurs using high sensitivity scan?

    We are checking the issue on our side.

    Thanks,
    Quttera Team.

    Thread Starter ontheroad

    (@ontheroad)

    Hello @quttera

    It occurs with an Internal Scanner – Default scan. So no, it’s not the high sensitivity scan.

    Hope this helps

    Thank you for the provided information.

    Yes, this detection seems to be a false positive, we are working to whitelist it on our side.

    Thank you so much for reporting this issue!

    Plugin Contributor Rogier Lankhorst

    (@rogierlankhorst)

    As a fix seems to be in progress, I’m closing this as resolved.

    Thanks @quttera for responding.

    Thread Starter ontheroad

    (@ontheroad)

    Great to know. Both plugins are excellent. Thanks for resolving it do quickly.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Confirmation on Malicious code’ is closed to new replies.