Malware in theme

  • Resolved ianm777

    (@ianm777)


    11 years, 4 months ago

    I found this in my supreme theme a few days ago and thought I would post it.
    The scanner did not find it.
    FYI I changed the http to hxxp

    ./wp-content/themes/supreme/footer.php:190:                                        <div id="edu-menu" style="display:none;"><a href="//[REDACTED]">buy Imitrex</a></div>

    https://ww.wp.xz.cn/plugins/gotmls/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    11 years, 4 months ago

    That’s probably a nulled theme meaning someone took a commercial product and added Very Bad Things™ to it.

    I suggest you lose that theme like a bad infection and check your installation for further bad things. Or contact the vendor and get an updated copy.

    Plugin Author Eli

    (@scheeeli)

    11 years, 4 months ago

    @ianm777,
    You post looks incomplete or edited. Can you show me what you found so I can add it to my definition updates?

    You can email me directly if you can’t post it: eli AT gotmls DOT net

    Plugin Author Eli

    (@scheeeli)

    11 years, 4 months ago

    Ian,
    Thanks for emailing me that infected footer file. I added that new threat to my Definition Updates so it can be automatically removed using my plugin.

    Please let me know if you find any more.

    Aloha, Eli

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Malware in theme’ is closed to new replies.