Support » Plugin: Better Click To Tweet » This plugin got hacked!

  • Resolved forgetwp

    (@forgetwp)


    Just installed this plugin, and every time you click to buy premium styles, or you go to plugin main site, you being re-directed to spam sites!

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author Ben Meredith

    (@benmeredithgmailcom)

    Hi there. I just checked betterclicktotweet.com, and I am not seeing any evidence of the site being compromised at all. Can you clarify where you are seeing a problem? Which exact link did you click on that led to a spammy site?

    I’m digging into this right now trying to find it myself, but as I mentioned I’m so far not seeing anything out of place.

    Hi Ben,

    Anywhere that your plugin refers to,
    In the WP dashboard and the link that says: Purchase it today Save 8% with the code NAGSareTHEbest

    On the Buy premium add-on

    if I click on Power User guide from here – https://wordpress.org/plugins/better-click-to-tweet/

    Same thing.

    Then I’m being redirected 3-4 times and finals URL is this – https://notifychheck.com/?wmi=63449&lp=10&sub1=Ona

    Checked on Safari, Chrome etc. Same thing.

    Just checked using Sucuri, and they having trouble scanning it.

    “Unable to scan your site. TLS certificate does not match the host name”

    https://sitecheck.sucuri.net/results/betterclicktotweet.com

    Plugin Author Ben Meredith

    (@benmeredithgmailcom)

    Thanks for the heads up. I have now cleaned and unhacked the site. Please try again from a new browser and let me know if you are still seeing issues.

    Hi!

    I still get a redirect to a spammy site if I open the link “Add premium styles” on the plugin description site.

    Marc

    We’ve removed plugin since then.

    Plugin Author Ben Meredith

    (@benmeredithgmailcom)

    Hi folks,

    I cleaned the site last week and have been keeping a close eye on it. It is no longer hacked.

    For clarification: the plugin was never hacked, and posed no security risk whatsoever to users of the plugin.

    The WordPress installation where I sell premium add-ons was infected with some malware but no customer information was jeopardized, and I’ve restored to a backup that is not hacked, and have been monitoring things very closely ever since.

    If the site is still redirecting, please flush your browser cache and clear cookies, and you should be all set.

    Thanks!

Viewing 7 replies - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.