Support » Plugin: WP-Live Chat by 3CX » Do you know if the malware infected anything else besides your plugin?

  • Resolved echoleaf

    (@echoleaf)


    We’ve updated the plugin, then deleted it, and removed the fake Yandex admin user. Do you know if the malware can infect other files in the WP install?

Viewing 7 replies - 1 through 7 (of 7 total)
  • double check your htaccess file

    I did, there’s nothing out of the ordinary in it. Besides your plugin, are the other symptoms the fake Yandex admin user and an edited htaccess file?

    I’m not the plugin author, but what I found in my own site was only the custom JS code (which is solved by updating as the custom JS block is now completely removed) and a redirect rule in htaccess, nothing else.

    Oh ok. Thanks a lot for mentioning it, much appreciated. What I found on my site was an admin user with the email address ‘wordpressupdate@yandex.com’ and scripts that were redirecting content links (but not nav links) to various pop ups & pop unders.

    What as the redirect in your htaccess going to?

    Hi @echoleaf,

    Thank you for getting in touch and our apologies for the trouble experienced.

    We would like to ask that you reach out to us here: https://wp-livechat.com/contact-us/ – So that we can get a developer to assist you with identifying and resolving the issue from our side.

    We are eager to assist you in any way possible to prevent this issue from occurring moving forward.

    We would also like to thank @yward for the input provided on this thread, it is greatly appreciated.

    @echoleaf did you manage to come right?

    Yep.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Do you know if the malware infected anything else besides your plugin?’ is closed to new replies.