Title: WordPress 4.0.1 Dashicons.css Malicious code? Last modified: August 22, 2016 --- # WordPress 4.0.1 Dashicons.css Malicious code? * [edblogs](https://wordpress.org/support/users/edblogs/) * (@edblogs) * [11 years, 5 months ago](https://wordpress.org/support/topic/wordpress-401-dashiconscss-malicious-code/) * Hi everyone, I downloaded the latest version of WordPress (4.0.1) and noticed some gibberish code in the “wp-includes/css/dashicons.css” file…. * I just want to know and make sure if this malware inserted in the latest version of WordPress or not as it’s got a bunch of unknown text. * I downloaded the WordPress from my site dashboard and also downloaded it from the official site “wordpress.org” * any ideas would be really helpful Viewing 5 replies - 1 through 5 (of 5 total) * [geraintp](https://wordpress.org/support/users/geraintp/) * (@geraintp) * [11 years, 5 months ago](https://wordpress.org/support/topic/wordpress-401-dashiconscss-malicious-code/#post-5516158) * define gibberish? it maybe that its a base64 encoded image, if an image is small enough your can embed images into css to save having to load a separate file… * [RossMitchell](https://wordpress.org/support/users/rossmitchell/) * (@rossmitchell) * [11 years, 5 months ago](https://wordpress.org/support/topic/wordpress-401-dashiconscss-malicious-code/#post-5516160) * I have just checked the files. 4.0.0 and 4.0.1 are identical. I see only minor changes going back to 3.9.0 The gibberish is defining a font called “dashicons”. * Thank you for raising your concerns. * [geraintp](https://wordpress.org/support/users/geraintp/) * (@geraintp) * [11 years, 5 months ago](https://wordpress.org/support/topic/wordpress-401-dashiconscss-malicious-code/#post-5516161) * `src:url(data:application/x-font-woff;charset=utf-8;base64,d09GRgABAAAAAFk8AA4AAAAAkVwAAQAAAAAAAAAAA........` * is a font file embedded in the css file, its an optimisation, its a standard part of wp 4.0.1 * 😉 * Thread Starter [edblogs](https://wordpress.org/support/users/edblogs/) * (@edblogs) * [11 years, 5 months ago](https://wordpress.org/support/topic/wordpress-401-dashiconscss-malicious-code/#post-5516313) * thank you for the tips and information guys! i just checked some of the older versions as well, they’re identical. * i stumbled upon this code as i was trying to check my site due to malware issues. so i need to find what caused the problem in the first place. * again i appreciate the responses! 🙂 * [mnprivate](https://wordpress.org/support/users/mnprivate/) * (@mnprivate) * [11 years, 3 months ago](https://wordpress.org/support/topic/wordpress-401-dashiconscss-malicious-code/#post-5516418) * Bluehost just suspended my account for this so-called malicious code: * These files appear to contain malicious code. You will want to review the files and remove the injected code from important files and/or remove unused or invalid files. * /mypath/public_html/mark/wp-includes/css/dashicons.min.css /mypath/public_html/ mark/wp-includes/css/dashicons.css /mypath/public_html/mysite/modules/mod_AutsonSlideShow/ elements/colorpicker.php * now what? they want me to remove everything Viewing 5 replies - 1 through 5 (of 5 total) The topic ‘WordPress 4.0.1 Dashicons.css Malicious code?’ is closed to new replies. ## Tags * [dashicons](https://wordpress.org/support/topic-tag/dashicons/) * In: [Installing WordPress](https://wordpress.org/support/forum/installation/) * 5 replies * 4 participants * Last reply from: [mnprivate](https://wordpress.org/support/users/mnprivate/) * Last activity: [11 years, 3 months ago](https://wordpress.org/support/topic/wordpress-401-dashiconscss-malicious-code/#post-5516418) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics