polonus
1
Re: https://www.virustotal.com/nl/url/ed0074e1680774179c3a329d3abe1a462b7e260c9e664ef074cc20e4783868bf/analysis/#additional-info
/index.html
Severity: Malicious
Reason: Detected encoded JavaScript code commonly used to hide malicious behaviour.
Details: Detected malicious JavaScript code
Offset: 3946
Instances of SEO spam detected: https://sitecheck.sucuri.net/results/7secretsllc.com
Trojans detected:
Object: -ttp://7secretsllc.com/author/admin/
SHA1: f542534f16d6bb81568a5e791ff029f3acd97260
Name: TrojWare.JS.Agent.caa
WordPress Version
4.0.8
The following plugins were detected by reading the HTML source of the WordPress sites front page.
jetpack 2.3.7 latest release (3.8.0) Update required
http://jetpack.me
twitter-plugin 2.13 latest release (2.46) Update required
http://bestwebsoft.com/donate/
Version does not appear to be latest 4.3.1 - update now.
Warning User Enumeration is possible
Malware detected: https://urlquery.net/report.php?id=1448640147859
Detected libraries:
jquery-migrate - 1.2.1 : -http://7secretsllc.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Info: Severity: medium
http://bugs.jquery.com/ticket/11290
http://research.insecurelabs.org/jquery/test/
jquery - 1.11.1 : (active1) -http://7secretsllc.com/wp-includes/js/jquery/jquery.js?ver=1.11.1
(active) - the library was also found to be active by running code
1 vulnerable library detected
polonus
