MALWARE found in plugin?

  • Wordfence is alerting that “This file is suspected malware: wp-content/plugins/genesis-simple-sidebars/README.md”

    This file’s signature matches a known malware file. The title of the malware is ‘Win.Malware.Agent1592130909/CRDF-1’.

Viewing 4 replies - 1 through 4 (of 4 total)

  • Ditto.
    WordFence has flagging this file on at least a dozen client sites that use GSS plugin.

    Nathan, Ron, can you check please?
    Thank you.

    Am receiving the same alert on my sites as well. They do not appear to be newly installed or updated files by the time/date stamp.

    The file was flagged because it matched the signature Win.Malware.Agent1592130909/CRDF-1 from the ClamAV databases. This and one other signature in those databases were hashes for single byte files (this one was a single \n character), so we’ve manually removed those two from the list we check against.

    Ditto on the alert but it was found in a disabled plugin (Timber) so I removed the plugin from the site.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘MALWARE found in plugin?’ is closed to new replies.

Tags