Dreamhost is saying this is malware

  • glenncvance

    (@glenncvance)


    9 years ago

    This is what I received from Dreamhost –

    We have identified attacker-added malicious content, which may include
    malware such as backdoor shells, adware, botnet, and spammer scripts.

    The following file(s) specifically have been identified as attacker-added
    malware. These files have been DISABLED by setting their permissions to 200
    (Owner write-only). These files should be audited and either replaced with
    known good versions or, if not legitimate site components, removed altogether:

    /my_site_URL/plugins/captcha-on-login/templates/report.php
    /my_site_URL/plugins/captcha-on-login/templates/options.php
    /my_site_URL/plugins/captcha-on-login/index.php

    I’ve deleted this plugin and will not be using it again.

Viewing 1 replies (of 1 total)

  • That plugin does not contain malicious code. They use the same obfuscation method as some malicious code does, but the plugin code only shows a div tag with the captcha in it.

    Dreamhost just saw the code that “looked” like malicious code, but they never deobfuscated it so they just said it was malicious.

Viewing 1 replies (of 1 total)
  • The topic ‘Dreamhost is saying this is malware’ is closed to new replies.