Официальный сайт Wordpress распространяет темы с вредоносным кодом
Сегодня с утра в тикете моего хостера вижу сообщение "Жалоба на фишинг", причем жалоба с французского сайта:
Hello,
We are sorry to inform you that your network is hosting a "Phishing:URL" threat from the IP address "***".
Please find the technical information identified by our systems below.
The CRDF Labs lab issues alerts to the service providers responsible for hosting this malicious content so that the provider can stop the problem immediately. If you would like to know more about the CRDF Threat Center, please visit this webpage: https://threatcenter.crdf.fr/faq.html#answer_149
----
* IP Address: ***
* Type of the detected threat: Phishing:URL
* URL: hxxp://nlonews[.]com/wp-includes/ID3/auth/PPL/?country[.]x=PL&locale[.]x=en_PL%3E&client=3f4968d6fc23dd512fe8ad85e4511b2f
* Domain name: nlonews[.]com
----
We recommend taking the necessary steps to identify and treat compromised machines.
It is also your responsibility to research the cause of the infection and to do what is necessary to correct it.
Important: for any answer, please include the following reference to all your exchanges.
:ref:5d964b88caacf:ref:
WARNING: CRDF Labs processes notifications to abuse in an automated way by our systems. The email address "abuse_notification@crdflabs.fr" is not monitored because we receive too many automatic replies from abuse team. If you have a specific complaint or need help, you can contact us at "labs@crdf.fr".
----
If you have done the necessary on your side regarding this issue, thank you kindly click on the link below to confirm the closure of this issue:
https://threatcenter.crdf.fr/abuse.php?closed&reference=5d964b88caacf
By clicking on this link, CRDF Labs will consider that the malicious resource is no longer accessible from your network. Thus, CRDF Labs will launch a specific procedure to remove the IP address and domain name blacklisted by CRDF Threat Center.
----
If you no longer wish to receive our email alerts (they are useful), please follow the link below:
https://threatcenter.crdf.fr/abuse.php?stop&reference=5d964b88caacf
Regards,
CRDF Labs Takedown Service,
Website: https://threatcenter.crdf.fr
CRDF Labs contact : labs@crdf.fr
Очевидно, что эта тема содержит вредоносный код. К примеру, Google Chrome уже внес ваш сайт в свой список фишинговых сайтов и отображает предупреждение, при получении доступа. Мы никогда не удаляем наши сайты клиентов, в том числе - не проводим работ без предупреждения. |