Title: Beware telefonsex Hack! Last modified: September 2, 2016 --- # Beware telefonsex Hack! * [Margaret](https://wordpress.org/support/users/slabcinema/) * (@slabcinema) * [12 years ago](https://wordpress.org/support/topic/beware-telefonsex-hack/) * I loved this plugin but then I discovered the following code in my source. I checked the web and it has proliferated all over. * _[ spammy links deleted ]_ Viewing 7 replies - 1 through 7 (of 7 total) * [Alin Marcu](https://wordpress.org/support/users/deconf/) * (@deconf) * [12 years ago](https://wordpress.org/support/topic/beware-telefonsex-hack/#post-7857160) * First of all uninstall and reinstall a legit version from this directory. * Then you should check if: * 1. You’ve installed one of the spam copies that were around here few months ago, more details here: * [http://wordpress.org/support/topic/secret-links-on-your-website?replies=3](http://wordpress.org/support/topic/secret-links-on-your-website?replies=3) * 2. You’ve installed the plugin from a legit source (e.g. this directory or my website) * 3. Your website was hacked, here is a handy step by step tutorial: [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked) * Any additional info you give will help determine what really happened. * A MOD should wrap the above spam snippet from previous post in a code tag! * Thread Starter [Margaret](https://wordpress.org/support/users/slabcinema/) * (@slabcinema) * [12 years ago](https://wordpress.org/support/topic/beware-telefonsex-hack/#post-7857164) * Thanks. I installed this plug-in directly from the “install plugins” tab on my WP dashboard within the last couple of weeks. (It’s a new site.) * [Alin Marcu](https://wordpress.org/support/users/deconf/) * (@deconf) * [12 years ago](https://wordpress.org/support/topic/beware-telefonsex-hack/#post-7857166) * Then you should focus on my third suggestion: [http://codex.wordpress.org/FAQ_My_site_was_hacked](http://codex.wordpress.org/FAQ_My_site_was_hacked) * Thread Starter [Margaret](https://wordpress.org/support/users/slabcinema/) * (@slabcinema) * [12 years ago](https://wordpress.org/support/topic/beware-telefonsex-hack/#post-7857167) * As soon as I removed the plug-in, the code went away. The site was not hacked, the nefarious code came in with the plug-in. Removing the plug-in solved my problem, but I just wanted to make sure you were aware of the issue. * Moderator [Jan Dembowski](https://wordpress.org/support/users/jdembowski/) * (@jdembowski) * Forum Moderator and Brute Squad * [12 years ago](https://wordpress.org/support/topic/beware-telefonsex-hack/#post-7857174) * > The site was not hacked, the nefarious code came in with the plug-in. * Can you point to where in the code that hack came from? All you’ve demonstrated is that your site was hacked not that there is an issue with the plugin. * [Alin Marcu](https://wordpress.org/support/users/deconf/) * (@deconf) * [12 years ago](https://wordpress.org/support/topic/beware-telefonsex-hack/#post-7857175) * Regular users don’t compare the code with the original one from repositories, they just blame us, the developers. * After uninstalling the plugin, on a second stage of the attack, when a new random plugin is chosen, they realize the fact that the website was actually hacked. Usually that’s to late, because their hosting provider will be unable to provide a clean backup at that point. * Thread Starter [Margaret](https://wordpress.org/support/users/slabcinema/) * (@slabcinema) * [12 years ago](https://wordpress.org/support/topic/beware-telefonsex-hack/#post-7857177) * Possibly, that will be the case. My intent was not to lay blame, but to make you and others aware of a situation, especially since there was a similar occurrence involving your plug-in a couple of months ago: [http://wordpress.org/support/topic/secret-links-on-your-website?replies=3](http://wordpress.org/support/topic/secret-links-on-your-website?replies=3). * I can see that you are certain that it came from a hack, and since I deleted the associated directory as soon as I discovered the secret links, I can provide no other information to prove otherwise. Your plug-in is very useful, outside of the fact that my version of it somehow contained hacked code. Viewing 7 replies - 1 through 7 (of 7 total) The topic ‘Beware telefonsex Hack!’ is closed to new replies. * ![](https://ps.w.org/google-analytics-dashboard-for-wp/assets/icon.svg?rev=2243225) * [ExactMetrics - Google Analytics Dashboard for WordPress (Website Stats Plugin)](https://wordpress.org/plugins/google-analytics-dashboard-for-wp/) * [Frequently Asked Questions](https://wordpress.org/plugins/google-analytics-dashboard-for-wp/#faq) * [Support Threads](https://wordpress.org/support/plugin/google-analytics-dashboard-for-wp/) * [Active Topics](https://wordpress.org/support/plugin/google-analytics-dashboard-for-wp/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/google-analytics-dashboard-for-wp/unresolved/) * [Reviews](https://wordpress.org/support/plugin/google-analytics-dashboard-for-wp/reviews/) * 7 replies * 3 participants * Last reply from: [Margaret](https://wordpress.org/support/users/slabcinema/) * Last activity: [12 years ago](https://wordpress.org/support/topic/beware-telefonsex-hack/#post-7857177)