The Malicious Code
The Decoded Code
This in turn translates into:
Code Injecting Code
The injected script further executes a script from an external domain:
The end result is a malicious redirect to random sites advertising you to download software.
WP Live Chat Support plugin as of yesterday had over 60,000+ active installs as per the WordPress plugin repository and was disabled for newer installs.
As a result of this WordPress hack Google flagged many sites as malicious and also disabled Google Ads campaigns of many publishers.
The solution is not just to disable the rogue plugin but also to clean up the WordPress database infection. If you need assistance, you can consider our WordPress Malware Removal Service.
- Download WP CLI Temporarily & Using With Custom PHP Versions
- Understanding and Resolving the Vuln.php Recurring Malware Issue
- 9 Tell Tale Signs That Your WordPress Website Is Hacked
- How to use Regex with WP CLI to Search & Replace WordPress Database