“cloudfront.net” Suspicious code in library/smartslider/smartslider3.php

  • Resolved marcorroma

    (@marcorroma)


    4 years, 8 months ago

    Hi, some visitors to my site tell me that by clicking on the Facebook posts addressed to my site they are directed to the “cloudfront.net” site. With announcements like “Congratulations, you’re selected as a lucky user today”.

    I noticed that in your plugin, in the folder library/smartslider/ – File name: smartslider3.php, there is a suspicious code, this:
    <script>!function(e,o,n){window.HSCW=o,window.HS=n,n.beacon=n.beacon||{};var t=n.beacon;t.userConfig={},t.readyQueue=[],t.config=function(e){this.userConfig=e},t.ready=function(e){this.readyQueue.push(e)},o.config={docs:{enabled:!0,baseUrl:"https://smartslider3.helpscoutdocs.com/"},contact:{enabled:!0,formId:"5bf2183c-77e2-11e5-8846-0e599dc12a51"}};var r=e.getElementsByTagName("script")[0],c=e.createElement("script");c.type="text/javascript",c.async=!0,c.src="https://djtflbt20bdde.cloudfront.net/",r.parentNode.insertBefore(c,r)}(document,window.HSCW||{},window.HS||{});HS.beacon.ready(function () {HS.beacon.search("' . $search . '");});</script>

    Can this be the cause of these problems?
    Thank you

Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
  • The topic ‘“cloudfront.net” Suspicious code in library/smartslider/smartslider3.php’ is closed to new replies.