Infected website -

Viruses and worms
1

DrWeb’s link checker detects:
Checking: htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.tipsy.js?ver=1.0
File size: 4371 bytes
File MD5: e82a7bca2c561de3790788a01bd2a34f

htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.tipsy.js?ver=1.0 - archive JS-HTML

htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.tipsy.js?ver=1.0/JSFile_1[0][1113] - Ok
htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.tipsy.js?ver=1.0 - Ok

Checking: htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.nivo.slider.js?ver=1.0
File size: 14.98 KB
File MD5: feaa9906b8e77dd1d1c14e33614d8905

htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.nivo.slider.js?ver=1.0 - Ok

Checking: htxp://baselcommunity.com/wp-content/themes/baselofficial/js/anythingSlider.js?ver=1.0
File size: 11.01 KB
File MD5: 160d7dc4771c11c2111a81b2436c9efa

htxp://baselcommunity.com/wp-content/themes/baselofficial/js/anythingSlider.js?ver=1.0 - Ok

Checking: htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.easing.js?ver=1.0
File size: 8097 bytes
File MD5: 6516449ed5089677ed3d7e2f11fc8942

htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.easing.js?ver=1.0 - archive JS-HTML

htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.easing.js?ver=1.0/JSFile_1[0][1fa1] - Ok
htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.easing.js?ver=1.0 - Ok

Checking: htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.js?ver=1.0
File size: 55.91 KB
File MD5: bb381e2d19d8eace86b34d20759491a5

htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.js?ver=1.0 - archive JS-HTML

htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.js?ver=1.0/JSTag_1[a1ce][3dd8] - Ok
htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.js?ver=1.0 - Ok

Checking: htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery-ui.js?ver=1.0
File size: 70.20 KB
File MD5: 6ddfa812d9c5aec3289880907fc55764

htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery-ui.js?ver=1.0 - Ok

Checking: htxp://baselcommunity.com/wp-content/themes/baselofficial/js/fancybox/jquery.fancybox-1.3.0.js?ver=1.0
File size: 26.11 KB
File MD5: 25dfbde6e637d51e8e4ec85fe9d42f71

httx://baselcommunity.com/wp-content/themes/baselofficial/js/fancybox/jquery.fancybox-1.3.0.js?ver=1.0 - archive JS-HTML
htxp://baselcommunity.com/wp-content/themes/baselofficial/js/fancybox/jquery.fancybox-1.3.0.js?ver=1.0 - Ok

Checking: htxp://baselcommunity.com/wp-content/themes/baselofficial/js/browser.js?ver=1.0
File size: 2614 bytes
File MD5: ea961504a723f4cd772bf528d872d1c5

htxp://baselcommunity.com/wp-content/themes/baselofficial/js/browser.js?ver=1.0 - archive JS-HTML

htxp://baselcommunity.com/wp-content/themes/baselofficial/js/browser.js?ver=1.0/JSFile_1[0][a36] - Ok
htxp://baselcommunity.com/wp-content/themes/baselofficial/js/browser.js?ver=1.0 - Ok

Checking: htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.validate.js?ver=1.0
File size: 24.77 KB
File MD5: f00ae9f2cea2f1f05e082652057d7b48

htxp://baselcommunity.com/wp-content/themes/baselofficial/js/jquery.validate.js?ver=1.0 - Ok

Checking: htxp://baselcommunity.com/wp-content/themes/baselofficial/js/custom.js?ver=1.0
File size: 4568 bytes
File MD5: 11cb3c5101f941bedf951ea82446e4a0

htxp://baselcommunity.com/wp-content/themes/baselofficial/js/custom.js?ver=1.0 - Ok

Checking: htxp://baselcommunity.com/tag/schiesser/
Engine version: 7.0.12.3050
Total virus-finding records: 5954945
File size: 14.12 KB
File MD5: 781b317736c4aeb8e25a616be33acd75

htxp://baselcommunity.com/tag/schiesser/ - archive JS-HTML

htxp://baselcommunity.com/tag/schiesser//JSTAG_1[1167][1a1] infected with JS.Seospam.1 *
htxp://baselcommunity.com/tag/schiesser//JSTAG_2[3604][15f] - Ok
htxp://baselcommunity.com/tag/schiesser//JSTag_3[360a][159] - Ok

Avast detects as JS:HideLink-A [Trj]. * nown javascript malware. Details: http://sucuri.net/malware/entry/MW:SPAM:SEO?g12
t=‘’;}}x[l-a]=z;}document.write(‘<’+x[0]+’ ‘+x[4]+’>.‘+x[2]+’{‘+x[1]+’}</‘+x[0]+’>');}xViewState();
WordPress version outdated: Upgrade required.
Outdated WordPress Found: WordPress Under 4.2

WP Theme installed - YEN 1.0
See theme-editing exploit: https://wordpress.org/support/topic/theme-editing-exploit

Warning User Enumeration is possible
The first two user ID’s were tested to determine if user enumeration is possible.

User ID 1 : Basel Community
User ID 2 : johnisnyder
t is recommended to rename the admin user account to reduce the chance of brute force attacks occurring. As this will reduce the chance of automated password attackers gaining access. However it is important to understand that if the author archives are enabled it is usually possible to enumerate all users within a WordPress installation. Info credits - WP Sec. Check

polonus (volunteer website security analyst and website error-hunter)