Title: Yeloni Malware ?
Last modified: April 29, 2018

---

# Yeloni Malware ?

 *  Resolved [grafityx](https://wordpress.org/support/users/grafityx/)
 * (@grafityx)
 * [8 years, 1 month ago](https://wordpress.org/support/topic/yeloni-malware/)
 * After malware scan on several websites using Yeloni, Quterra.com considered it
   as a malware (potentially dangerous)…
 * Any update soon by the Yeloni team ?
 * Thanks
    -  This topic was modified 8 years, 1 month ago by [grafityx](https://wordpress.org/support/users/grafityx/).
    -  This topic was modified 8 years, 1 month ago by [grafityx](https://wordpress.org/support/users/grafityx/).

Viewing 8 replies - 1 through 8 (of 8 total)

 *  Plugin Author [kranthitech](https://wordpress.org/support/users/kranthitech/)
 * (@kranthitech)
 * [8 years, 1 month ago](https://wordpress.org/support/topic/yeloni-malware/#post-10229510)
 * Hi there,
 * Thanks for bringing this to our notice.
 * Our plugin uses base64 encoding to render the pop-up contents so that we are 
   able to handle special characters and apostrophes as we noticed an issue with
   these characters on some non-english websites.
 * It seems like this is being misinterpreted as code obfuscation by quterra. We’ll
   get in touch with them with clarification and take the recommended course of 
   action.
 * Regards
 *  Plugin Author [kranthitech](https://wordpress.org/support/users/kranthitech/)
 * (@kranthitech)
 * [8 years, 1 month ago](https://wordpress.org/support/topic/yeloni-malware/#post-10230720)
 * Hi there,
 * We release a new version 7.0.0 which does not have base64 encoding. This may 
   not work on websites using some special characters but it should no longer show
   up as obfuscation.
 * I have also began communication with Quterra for resolution on their report. 
   Will keep you updated.
 * Regards
 *  Thread Starter [grafityx](https://wordpress.org/support/users/grafityx/)
 * (@grafityx)
 * [8 years, 1 month ago](https://wordpress.org/support/topic/yeloni-malware/#post-10230744)
 * Thanks for your fast answer.
 * I did the update and run a new scan, but it still show suspicious files, details
   bellow:
 *     ```
       /#content
       Severity: 	
       Potentially Suspicious
       Reason: 	
       Detected procedure that is commonly used in suspicious activity.
       Details: 	
       Too low entropy detected in string [['JTdCJTIyd2lkZ2V0cyUyMiUzQSU1QiU3QiUyMmNvZGUlMjIlM0ElMjJsWWRWTiUyMiUyQyUyMmluaXRpYWxpemF0aW9uJTIyJTNB']] of length 73960 which may point to obfuscation or shellcode.
       Threat dump MD5: 	
       F8137956B5125D540D898471B041A3D4
       File size[byte]: 	
       163012
       File type: 	
       HTML
       Page/File MD5: 	
       0C1B5EB62E934B815AFCC61CB5389FA9
       Scan duration[sec]: 	
       55.77
       ```
   
 * Threat dump:
 * `[[<script type='text/javascript' language='javascript' > window.autience_post_id
   =1332; var autience_is_single =false; window.autience_is_home =true; var autience_path
   = "https://mywebsite.com/wp-content/plugins/yeloni-free-exit-popup"; window.autience_page_name
   = "page-exemple"; window.autience_post_type = "post"; window.autience_categories
   =[ { "cat_ID":64,"name":"Bordeaux" } , { "cat_ID":53,"name":"Rencontre cougar"}];
   window.autience_listen = function(obj, evt, fn,obj_name) { //some browsers support
   addEventListener, and some use attachEvent try { if (obj) { if (obj.addEventListener){
   obj.addEventListener(evt, function(e) { fn(e, evt, obj); } , false); } else if(
   obj.attachEvent) { obj.attachEvent("on" + evt, function(e) { //pass event as 
   an additional parameter to the input function fn(e, evt, obj); } ) } } } catch(
   err) { console.log('TRY CATCH error while binding event li`
    -  This reply was modified 8 years, 1 month ago by [grafityx](https://wordpress.org/support/users/grafityx/).
    -  This reply was modified 8 years, 1 month ago by [grafityx](https://wordpress.org/support/users/grafityx/).
    -  This reply was modified 8 years, 1 month ago by [grafityx](https://wordpress.org/support/users/grafityx/).
 *  Plugin Author [kranthitech](https://wordpress.org/support/users/kranthitech/)
 * (@kranthitech)
 * [8 years, 1 month ago](https://wordpress.org/support/topic/yeloni-malware/#post-10230765)
 * Is this site upgraded to plugin version 7.0.0?
 * Can you share the url of the site?
 * Thanks
 *  Thread Starter [grafityx](https://wordpress.org/support/users/grafityx/)
 * (@grafityx)
 * [8 years, 1 month ago](https://wordpress.org/support/topic/yeloni-malware/#post-10230810)
 * Can’t share in public for negative SEO impact but if you give me your Skype or
   email address for sure I will send you the link.
    -  This reply was modified 8 years, 1 month ago by [grafityx](https://wordpress.org/support/users/grafityx/).
    -  This reply was modified 8 years, 1 month ago by [grafityx](https://wordpress.org/support/users/grafityx/).
 *  Plugin Author [kranthitech](https://wordpress.org/support/users/kranthitech/)
 * (@kranthitech)
 * [8 years, 1 month ago](https://wordpress.org/support/topic/yeloni-malware/#post-10230832)
 * Sure. Please email me at [kranthitech@gmail.com](https://wordpress.org/support/topic/yeloni-malware/kranthitech@gmail.com?output_format=md).
 *  Plugin Author [kranthitech](https://wordpress.org/support/users/kranthitech/)
 * (@kranthitech)
 * [8 years, 1 month ago](https://wordpress.org/support/topic/yeloni-malware/#post-10231117)
 * Marking as resolved
 *  Thread Starter [grafityx](https://wordpress.org/support/users/grafityx/)
 * (@grafityx)
 * [8 years, 1 month ago](https://wordpress.org/support/topic/yeloni-malware/#post-10231147)
 * Efficient team and awesome plugin. Thanks

Viewing 8 replies - 1 through 8 (of 8 total)

The topic ‘Yeloni Malware ?’ is closed to new replies.

 * ![](https://ps.w.org/yeloni-free-exit-popup/assets/icon-256x256.jpg?rev=1537798)
 * [Yeloni Exit Popup | (Free) GDPR Compliance](https://wordpress.org/plugins/yeloni-free-exit-popup/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/yeloni-free-exit-popup/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/yeloni-free-exit-popup/)
 * [Active Topics](https://wordpress.org/support/plugin/yeloni-free-exit-popup/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/yeloni-free-exit-popup/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/yeloni-free-exit-popup/reviews/)

 * 8 replies
 * 2 participants
 * Last reply from: [grafityx](https://wordpress.org/support/users/grafityx/)
 * Last activity: [8 years, 1 month ago](https://wordpress.org/support/topic/yeloni-malware/#post-10231147)
 * Status: resolved