MW:JS:GEN2?malware.script_base64.1

Home Forums Support Forum MW:JS:GEN2?malware.script_base64.1

Tagged: 

This topic contains 6 replies, has 2 voices, and was last updated by  Neil Belliveau 7 years, 9 months ago.

Viewing 7 posts - 1 through 7 (of 7 total)
  • Author
    Posts
  • #1797

    Your scanner isn’t picking up the injection Sucuri is finding and I have updated definitions. I can’t even find these injections manually in the code myself. Any help you can provide would be appreciated.

     

    #1798

    Anti-Malware Admin
    Key Master

    That is because this threat is usually not in any of your files. Instead, this malicious HTML is injected directly into your database. You’ll need to look in your post/page content (using the text tab so that you can see the HTML tags that you don’t want there) and remove the unwanted text manually.

    Your bigger problem is that the hacker(s) will likely still have remote access to your database and they can re-inject this unwanted content. There was a widespread outbreak of this particular threat on TSOHOST recently and a number of their customers reported repeated hacks without any recourse to stop them from injecting the same links into their database.

    I would suggest changing your DB_PASS and updating your wp-config.php file. If that does not stop repeated infections then you may have to look for a more secure host.

    #1799

    I didn’t see any injection in the DB. When I look at the source the code is in the header area.

    #1800

    Anti-Malware Admin
    Key Master

    If it’s not in your theme’s header.php then I would reaffirm that it’s in the database. Try looking in the wp_options table, hat is where special header output is usually stored.

    #1807

    So I haven’t been able to find anything in the DB and the injection remains when I switch all the plugins off and change the theme…Going to rebuild it next but quick question…In your plugin in should I be able to check the box for “Core File Changes” after I donated? It’s still a red circle with an x in it.

    #1808

    Anti-Malware Admin
    Key Master

    All you need to do is enable the automatic updates and that will install the core files definitions for you.

    #1809

    Cool…I guessed I missed that and once I did that I was able to select the core files option.

    Thanks!

Viewing 7 posts - 1 through 7 (of 7 total)

You must be logged in to reply to this topic.

Comments are closed.