• Resolved jwmcgregor

    (@jwmcgregor)


    A Wordfence scan shows 90 occurrences of malicious code in a plugin called “social Link Machine”; see screenshot.

    I am not sure if this is a false positive or not. I have been trying to find other references to this plugin being reported but can’t find anything.

    Any advice would be appreciated.

    https://wordpress.org/plugins/wordfence/

Viewing 7 replies - 1 through 7 (of 7 total)
  • Andrew Nevins

    (@anevins)

    WCLDN 2018 Contributor | Volunteer support

    Thread Starter jwmcgregor

    (@jwmcgregor)

    OK, I understand what you're saying about the plugin not being on wordpress.org; I couldn’t find it either. The vendor has no support options other than installation documentation. I have just migrated this site to my WordPress hosting server and I am concerned the client WP may be a danger to other WP sites on the same box or other issues.

    I couldn’t find anything on the Wordfence site. I did not want to report it through the support channel as the pro support only covers my own website and not that of clients. Which leads me back to this Wordfence forum.

    I hope someone at Wordfence is able to assist.

    WFSupport

    (@wfsupport)

    Can you zip up the plugin and send to samples [at] wordfence.com? Reference this forum post URL.

    tim

    Thread Starter jwmcgregor

    (@jwmcgregor)

    Hi Tim, did you get the file I sent you a couple of days ago?

    WFSupport

    (@wfsupport)

    I just saw it. The funny thing is that Chrome wouldn’t even let me download it because it saw it as bad. If it is the one I saw online when I searched, it looks like the company might even be out of business? If I were you I would not use it. I’ll send it over to the forensics lab to be sure.

    tim

    WFSupport

    (@wfsupport)

    I just confirmed with the forensics lab that the plugin is full of malware. DO NOT INSTALL THIS PLUGIN.

    tim

    Thread Starter jwmcgregor

    (@jwmcgregor)

    The vendor confirmed that they use an obfuscation technique to encode and to mask source code. This is creating false positives in Wordfence.

    This report from virustotal.com gives more information.

    https://www.virustotal.com/en/file/226dcbc770441f73b71409ab5c2d86e7ce53e34a1ecc17c655df2eaf4d119228/analysis/1458910826/

    Jim

  • The topic ‘malicious code found in plugin not sure if it is false positive’ is closed to new replies.