JamieM 0 Posted October 4, 2021 Share Posted October 4, 2021 Our marketing guy was accessing/working on our website this morning. He triggered the script scanner with a JS/Agent.OZD alert (I'm org IT). Can you tell what might be compromised on our website? Here are a couple of the alerts I grabbed from the cloud dashboard under his detection details on these: Thank you for any help you can provide! Link to comment Share on other sites More sharing options...
Administrators Marcos 4,917 Posted October 4, 2021 Administrators Share Posted October 4, 2021 The website loads an external javascript from https://il5y54cmvy32vqxow4amesa1-wpengine.netdna-ssl.com. Searching for "+d(0xb5)+d('0x96')+d(0xc8)+token();" should help you locate the malicious javascript. Link to comment Share on other sites More sharing options...
Recommended Posts