Infected with malware

When did you update this plugin?

It currently says version 8.0.27 in my wordpress plugin page.
I hate to say for sure that I even have done a manual update for it (at least in the last few days). I don’t think that I have, but its possible. Its not that I updated it and then found this issue. I just started working on my product this morning after getting to the office and it started doing the redirect. Yesterday when I was working on my products it was working fine.

• This reply was modified 5 years, 10 months ago by radial.
• This reply was modified 5 years, 10 months ago by radial.

We’ve updated the plugin this morning with version 8.0.28 which contains the fix for the vulnerability.

We’re also looking into how to help users restore their website functionality back to normal either with a further update or manual workaround. Please update to version 8.0.28 the soonest.

Hi All, the plugin author responded 35 minutes ago but their response was caught up in the forum’s spam queue. Please remain calm and follow that advice.

If you are interested in this bit:

We’re also looking into how to help users restore their website functionality back to normal either with a further update or manual workaround. Please update to version 8.0.28 the soonest.

You will need to consider opening your own individual threads here: https://www.ads-software.com/support/plugin/wp-live-chat-support/#new-post

Version 8.0.27 has a vulnerability on GDPR page: if admins click a malicious url while logged in, there’s a chance that some external malicious JS file is added to the custom script section.

In order to patch yourself against the vulnerability: Uninstall version 8.0.27 and install version 8.0.29 which we will be committing shortly. This version fixes the vulnerability.

Also check the menu Settings / Custom Scripts and clean up the unwanted code if any is present.

• This reply was modified 5 years, 10 months ago by Andrew Nevins.
• This reply was modified 5 years, 10 months ago by WP-LiveChat.

Thank you Andrew and wp-livechat!

We’ve actually responded very swiftly to this forum post, but unfortunately our posts keep pending moderator review which usually takes 30 minutes up to an hour or so.

@tarheit2 Ensure you have removed the malicious code. wp admin – > Live Chat -> Settings -> Custom Scripts and removing the Custom JS that had been injected

• This reply was modified 5 years, 10 months ago by radial.

The so called PRO is deprecated. There is no PRO anymore. We’ve deprecated it entirely and merged it’s functionality into 1 fully functional free plugin that’s only hosted here on www.ads-software.com.

If you have installed the so called PRO, please uninstall it entirely and use the latest .29 version instead.

We’ve taken an entirely new direction over the past 1-2 months now, have hired an entirely new team of developers for the plugin and plan to work on making the plugin much better and reliable. The ‘Pro’ deprecation and moving everything to be completely free was basically our first step towards all this. The next step is to improve the reliability and general functionality of the plugin. Our new team also includes a security auditing engineer who will be checking everything extremely thoroughly.

I’ve closed this topic and have temporarily flagged the accounts that posted malware samples. Those and other replies have been archived.

Update the plugin and do not post malware samples again. That’s not for these forums and gets removed when found.

If you are hacked or think you are hacked, see this reply.

https://www.ads-software.com/support/topic/infected-with-malware-3/page/2/#post-11543678

Give this a good read after that. The compromise may be more than just the Custom Scripts settings.

https://www.ads-software.com/support/article/faq-my-site-was-hacked/

When you have successfully deloused your site then consider giving this a read too.

https://www.ads-software.com/support/article/hardening-wordpress/