Unwanted Pop-ups Caused by Injectbody/Injectscr Plugins

less than 1 minute read

Unwanted Pop-ups Caused by Injectbody/Injectscr Plugins<p>On February 8th, 2018, we noticed a new wave of WordPress infections involving two malicious plugins: injectbody and injectscr. These plugins inject obfuscated scripts, creating unwanted pop-up/pop-unders. Whenever a visitor clicks anywhere on an infected web page, they are served questionable ads.</p>

Plugin Location

The malicious plugins possess a very similar file structure:

Injectbody

wp-content/plugins/injectbody/

  • injectbody.php: 2146 bytes (the plugin code)
  • inject.txt: 2006 bytes (injected JavaScript)

Injectscr

wp-content/plugins/injectscr/

  • injectscr.php: 1319 bytes (the plugin code)
  • inject.txt: 3906 bytes (injected JavaScript)

The functionality of these plugins are also very similar.

Continue reading Unwanted Pop-ups Caused by Injectbody/Injectscr Plugins at Sucuri Blog.

Spotlight on Women in Cybersecurity

less than 1 minute read

Sucuri is committed to helping women develop their careers in technology. On International Women’s Day, Sucuri team members share their insights into workin...

Hacked Website Trend Report – 2018

less than 1 minute read

We are proud to be releasing our latest Hacked Website Trend Report for 2018. This report is based on data collected and analyzed by the GoDaddy Security / ...