Best Blackhat Forum

(09-16-2018 11:08 AM)smithnowt Wrote: [ -> ]Thanks for the thanks Berlinerin and Ramonski.

I must confess that I've become very careful to always check WP addons either via the provided VT or doing it myself.
This was pushed rather hard to my attention when several folks shared infected stuff here that had VT URLs that were made by telling it to scan the filesharing site INSTEAD of the actual file - which is 100% useless and meaningless.
Good thing it is easy to figure out with just a glance though - if/when it says URL intead of a filename, it is exactly that BS and can make for covering bad stuff for anyone not careful enough to notice.

Not all devs are either careful or kosher either and with so many sites depending upon WP now, it must be easy to exploit backdoors when users know no better.

Another trick that some users do here is to grab infested stuff from the site code...x...in...h, re-upload it as a new share, as-is, then share it here - even going so far as to use the marked photos from their source, a dead giveaway of their carelessness.

I strongly suggest that folks be on the lookout for Webshell and other backdoors if there is any desire to keep their hard works safe from malware and exploits.

Yes malware is so bad. You can get kicked out from your webhoster, if he see bad malware in your Websites. Also google dont love it.
It happened to me, and I said: never again! My whole websites was down and deleted from webhoster! And I had to upload all again, without malware. Much work! And I had to SIGN that I never use malware again! That was a website which made money that time. And also to my clients it happened :(

Some years ago it was a worster time with malware, now its better. Some years ago also from the direct Developers plugins and themes were infected, because some came to their side and infected it. Thats why Themeforest at that time posted a big Appologize for the infected files in the Sliderplugin, who nearly everyone used!

I hope it gets better. .... Malware is bad.

Ramonski

Do you know, that as a non-vip member Signature to your link is not allowed here?



You risk to get banned! Better not..
I would not risk it, but you can do what ever you want....
And start again and again from the beginning....
It is better to build Trust - for me.

(09-16-2018 11:54 AM)berlinerin Wrote: [ -> ]

Ramonski

Do you know, that as a non-vip member Signature to your link is not allowed here?



You risk to get banned! Better not..
I would not risk it, but you can do what ever you want....
And start again and again from the beginning....
It is better to build Trust - for me.

The same question!
I guess he paid for it like Ads?

Now he is a vip

Enter your purchase e-mail. No use for now. Thanks anyway

Raul, that is your name right? You brought suspicion to your shares when you scanned a download page instead of the file itself (cmon, you been signed up here since 2012, and with multiple accounts). Then you said "if someone knows about this sort of thing to let everyone know" - When talking about shells and how you didn't know how to find them.

Then in another post you said "It didn't need nulled so you didn't even open it." so... you know how to code.. Which means you know about this sort of thing. aaaaanyways...I did go over the plugin, and its not a false positive. Cheers

can anyone null this plugin

curious about the infected file! so I tested it actually in VT: please check the result! (see Url)
"No engines detected this file"

https://www.virustotal.com/gui/file/b8d6.../detection

curious about the infected file! so I tested it actually in VT: please check the result! (see Url)
"No engines detected this file"

https://www.virustotal.com/gui/file/b8d6.../detection