JamieM 0 Posted October 4, 2021 Posted October 4, 2021 Our marketing guy was accessing/working on our website this morning. He triggered the script scanner with a JS/Agent.OZD alert (I'm org IT). Can you tell what might be compromised on our website? Here are a couple of the alerts I grabbed from the cloud dashboard under his detection details on these: Thank you for any help you can provide!
Administrators Marcos 5,733 Posted October 4, 2021 Administrators Posted October 4, 2021 The website loads an external javascript from https://il5y54cmvy32vqxow4amesa1-wpengine.netdna-ssl.com. Searching for "+d(0xb5)+d('0x96')+d(0xc8)+token();" should help you locate the malicious javascript.
Recommended Posts