Theme footer.php file updated / flagged from Google Ads script

  • Is this legit? The site was hacked recently but cleaned up by Sucuri. A later WF scan revealed this although I think I also recently changed plugins to handle the Google Analytics tracking code, so I’m not sure if that’s related to this. See below. Thanks!

    Filename: wp-content/themes/THEMENOTLISTED/footer.php
    File Type: Not a core, theme, or plugin file from www.remarpro.com.

    Details: This file appears to be installed or modified by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The matched text in this file is: <script data-ad-client=”ca-pub-4780763182711257″ async src=”https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js”></script>&lt;?php

    The issue type is: Suspicious:HTML/filesStartingWithScriptTags.7139
    Description: Script tags often seen in infections with malicious redirects

    The page I need help with: [log in to see the link]

Viewing 2 replies - 1 through 2 (of 2 total)

  • Hi @markmadedesign,

    Taking a look at this:

    <script data-ad-client=”ca-pub-4780763182711257″ async src=”https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js”></script>

    This is an ad unit, so if you didn’t intent on placing an ad on every single page on your site: then you should remove this from the footer.php file.

    Dave

    Thread Starter MarkMadeDesign

    (@markmadedesign)

    Thank you @wfdave! I’m going to have this bit of code removed from the footer.php file since we don’t have Google ads running for this client.

    Can a hacker use this for anything malicious? Just trying to figure out why / how it got there.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Theme footer.php file updated / flagged from Google Ads script’ is closed to new replies.