We have a infiltrated website. It looks like it’s hiding somewhere in the code of infinite-scroll but I can’t find it. The symptom is that after you scroll down so that it loads more content, there are a few embedded links in the page which are for objectionable material.
I have 2 questions.
1) I downloaded the site locally but the infinite-scroll isn’t working. It gives me “Loading the next set of posts” and almost immediately displays “Congratulations you’ve reached the end of the internet.” with no resulting pages loading below. To help me find the infected file, or database injection, I’d like to get this to load correctly.
2) What file might the code reside in based on the description of the issue. It’s the same static tags showing up during each new reload of pages in the same location each time. I ran a file search for the links but they aren’t anywhere on any file in the web directory so my guess is the code inside infinite-scroll is obfuscated with iframe or encoding.
Thanks very much for all possible help.
- The topic ‘Website Injection’ is closed to new replies.