Plugin Author
pipdig
(@pipdig)
Hi Mian,
I can confirm that the plugin is clean and does not contain any malicious code. We have contacted Namecheap about this several times and they have repeatedly whitelisted the .txt file which is casuing a false-positive. However the same issue keeps repeating. I’d recommend finding a new host, since Namecheap’s exploit scanner is not configured correctly.
You can safely open a ticket with them and ask for the file to be whitelisted. This is the reply we received when we asked that a few weeks ago:
“We’re happy to let you know that the issue has been resolved. We have restored and whitelisted the file. We fixed it and everything is up and running for us.”
Actually this is probably false (dare i say lie) statement. Your whole company and your plugin practices and actions are in my very honest opinion unethical if not actually criminal (specially considering GDPR) .
You are being busted and revealed. People should know more.
https://www.wordfence.com/blog/2019/03/peculiar-php-present-in-popular-pipdig-power-pack-plugin/
https://www.jemjabella.co.uk/2019/security-alert-pipdig-insecure-ddosing-competitors/
By reading above i am not sure that your “the plugin is clean and does not contain any malicious code” is actually true after seeing what you are doing to your users and your competitors.
Shame on you mister.
Plugin Author
pipdig
(@pipdig)
Hi @sino27,
I totally understand your concerns with this. We have posted a reply with our side of the story at https://www.pipdig.co/blog/sad-times/ which may help to clear up any confusion.
