Possible virus in plugin version 2.6.2

  • Resolved netaesthetics

    (@netaesthetics)


    6 years, 1 month ago

    Our website mud.edu was recently blocked from adding Google Ad Words as the site contained “malicious software”. The links being created from software Google identified were links to this site: [removed by moderator] We had our hosting company WPEngine do a security scan and they identified this as malicious software that they removed:

    CLEARED: Cleared suspicious malware from file: ./wp-content/plugins/widget-for-eventbrite-api/includes/vendor/moment/moment/min/locales.min.js Details: rex.hex_obfuscated.001

    I checked the version 2.6.2 file I had locally on our dev server and it was identical. The file has been cleared from the production server, but I believe it should be the same as the dev server version.

    Can you confirm that you found a malicious script in your 2.6.2 version of your plugin? Is it safe to upgrade to the latest version of your plugin? (in other words the newer version is cleared of any malicious scripts)

    • This topic was modified 5 years, 12 months ago by James Huff. Reason: malware link removed by moderator

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Author fullworks

    (@fullworks)

    Hi,

    First, I think you ( or a moderator ) should remove that link to an active malicious site, don’t want people going there.

    In terms of your issue, I can confirm there was no virus or malicious code in /wp-content/plugins/widget-for-eventbrite-api/includes/vendor/moment/moment/min/locales.min.js in version 2.6.2 or any version indeed.

    It is most likely that your site was hacked and the malicious code was injected as part of that attack, which is common practice when sites are breached.

    I am glad to see you site has since been recovered.

Viewing 1 replies (of 1 total)
  • The topic ‘Possible virus in plugin version 2.6.2’ is closed to new replies.