Possible Virus in WP125 Plugin? (2 posts)

  1. winrid
    Posted 4 years ago #

    My client is running the plugin WP125 on his site, and in Chrome's console I notice the following:

    Resource interpreted as Image but transferred with MIME type text/plain: "http://l.betrad.com/ct/0_0_0_0_0_8366/us/0/1/0/0/0/0/1/242/141/0/pixel.gif?v=705&ttid=2&d=a.rfihub.com&m=5&r=15713".

    Where l.betrad.com is listed here...


    XHTML block that the code is referenced from:

    Anybody else having this occur? The plugin looks legit and infected at the same time.. I cannot find any reference to the URL in the plugin's code, which suggests the programmer is trying to hide it. Or, could I be wrong and betrad.com is just used for handling data? Because...


    Looks extremely legit.

    HELP! :(

  2. esmi
    Forum Moderator
    Posted 4 years ago #

Topic Closed

This topic has been closed to new replies.

About this Topic