Malware warning

  • Resolved jimwpo

    (@jimwpo)


    7 months, 2 weeks ago

    I scanned my website with Quttera and found out some malware, parts of them in the independent analytics files.

    After scanning and deleting some of the infected files, we finally discovered that the malware came from this plugin: independent-analytics

    Once the cleanup was complete, we re-installed this plugin and scanned again, this time Quttera only showed one warning:

    FILE: wp-content/plugins/independent-analytics/vendor/symfony/console/Terminal.php
    FILE_MD5: 718875437519219584c6f9b6c4fba263
    SEVERITY: enMaliciousThreatType
    ENGINE: fscanner
    THREAT_SIG: 0b0aedc67ceb10a3d13e53092537a353
    THREAT_NAME: Backdoor.PHP.Exec.gen.3CE
    THREAT: <?php /* * This file is part of the Symfony package. * *…
    DETAILS: Detected malicious PHP code

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Author Ben Sibley

    (@bensibley)

    Hi there,

    Thanks for getting in touch about this.

    This is a false positive as the code in question does not expose a vulnerability on the site. This code is included in the Symfony PHP library, and is used in a lot of WP plugins.

    However, we don’t want anyone thinking there’s malware in our plugin, so we will be stripping out the entire console folder from Symfony in our next update. This will remove the warning from the security scanner plugin.

Viewing 1 replies (of 1 total)
  • The topic ‘Malware warning’ is closed to new replies.