Trojan in your Plugin

Hi there,
please don’t spread FALSE information, as it can affect the plugin’s reputation unjustifiably. Our plugin does not contain any trojan or other malicious software. If you detected a trojan in a js file coming with the plugin it’s either a false positive or the file was modified by some 3rd party (i.e. your site was hacked through some vulnerabilities contained in other plugins/themes).
Please compare the affected js file with the one coming with the plugin. You may download all plugin’s releases from this page, so ensure to perform the comparison with the same version of the plugin you have installed.
In the (unlikely) case of a false positive, please reply with further information about the software you used for the detection, so that I can take action.
In the (likely) case of the file being modified/hacked, you’ll have to fix it and investigate your site about vulnerabilities.

Hi.

I have the exact same problem, and now my site is blocked as harmful by F-secure (as of 16.3.2016).

Now, bear with me;

I downloaded the plugin from above (“this page”) link and when I try to unzip it, I get “Virus removed” popup from F-Secure.

The culprit it the “wp-page-widget.min.js” file under the js directory. It gives a “Trojan.Script.653084” positive. 653084 has been added to detections in “Aquarius 2016-03-14_07 – 2016-03-14 21:51:07 UTC”.

I have resubmitted our site and the offending code to F-Secure (at https://www.f-secure.com/en/web/labs_global/submit-a-sample ).

Hello cbjouk,
thanks a lot for the additional information. It’s definitely a false positive. That file does not contain any harmful code, it’s just a script that performs some operations to ensure compatibility between Black Studio TinyMCE Widget and the WP Page Widget plugin.
I will act immediately and report the false positive to F-secure.
Since that file is not essential for the plugin, I will also evaluate to remove it from the plugin (dropping the compatibility with WP Page Widget).

Thank you, much appreciated. ??

For your information I got the following response from F-Secure Security Labs support, so the issue should be going to disappear with the next update of their DB.

Hello,

Thank you for your submission.
The file you submitted is indeed clean. A database update will be released to resolve this issue.

For the meantime, you may exclude this file from Real-time Scanning.Instructions for exclusions can be found here:

Internet Security 2013/2014:
https://community.f-secure.com/t5/Security-for-PC/How-do-I-exclude-a-file-or/ta-p/15398

Internet Security 2015:
https://community.f-secure.com/t5/Security-for-PC/How-do-I-exclude-a-file-or/ta-p/56363

Policy Manager and PSB Workstation:
https://community.f-secure.com/t5/Management/Excluding-objects-from-Real-Time/ta-p/66013

For the latest database updates please visit this page:
https://www.f-secure.com/en/web/labs_global/removal-tools/-/carousel/view/140

We apologize for any inconveniences that this may have brought you.

Should you have further questions, please do not hesitate to contact us again.

Hello dwfee and cbjouk,
I received a followup from F-Secure asking if the issue has been resolved.
Please could you confirm that with the latest version of F-Secure DB the file is no longer detected as a trojan?
Thank you.

I can confirm, that the problem concerning Trojan discovery is solved. And gladly the devolopers took care of it immediatly. Thanks!

Hi dwfee, thanks for your update!