eBoosted Enclosures thread

Aren’t the stickers supposed to go to the sides of the enclosure?

1 Like

They were intended for that. It is the “Flying Tigers” logo. The Flying Tigers were three squadrons of fighter pilots and aircraft that volunteered to fight for China against Japan under US command before the US joined WWII. The logo is cut to go on either side of an aircraft nose.

The height to width ratio only works on the front of the enclosure because of the longer sloped flat there. I will push the two stickers together.

Awesome dude:heart_eyes: The shark teeth u can use as a bottle opener:heart_eyes:

3 Likes

@Eboosted Hi Alan, has your website been hacked? I just went on to get the Vanguard enclosures link for somebody on Facebook and I got a load of strange stuff pop up, it happens whenever you click a link to take you to a different part of your website! Below is just one example:

04

10

3 Likes

It’s still working fine for me. Try this link? https://www.eboardsperu.com/

looks that way; don’t click enclosures

5 Likes

i also have the issue from my iphone, but not the computer…

Unsure why it’s working for me then. Both my phone and my laptop dont have the problem.

Edit: maybe location has something to do with it? It’s possible that since im EU im getting a cached Cloudflare image of the site or something

Yeah there’s definitely something afoot

Screenshot_20190519-082803_Chrome

I got this and 4/5 other pop ups on my note 8

@Eboosted

I wonder if it’s an individual attack, or just the hosting platform Alan uses

OMG!

I have no idea how to fix this

2 Likes

Works fine for me using an adblocker. I reccomend ublock orgin, it blocks every ad I have come across.

1 Like

Oh maybe it’s that! I also have ad block

1 Like

It seems like there’s some kind of malicious code opening or attempting to open a new pop-up page on your first attempt to click the top menu.

If I close the pop-up I can still navigate to where I’m trying to go but something fishy is definitely going on.

Did you set the website up yourself or did someone else?

I think it might be this. Says you need to update the plugin for your Wordpress site to fix the issue.

Why do I think so? Because in the HTML page under the comment “WPLC custom JS” there’s a script that gets included. In your browser’s dev tools under sources if you open yourservice.live/javascript-mini.js there’s a line var _td = String.fromCharCode(a bunch of numbers) and then the next line evaluates that. Those numbers are just there to obfuscate the malicious script that runs.

I’ve heard from others in the web dev industry that wordpress sites and their plugins get security flaws like this constantly. If you can, move over to something else in the future :wink:

3 Likes

This is exactly what has happened, I updated the plug in now but the malicious code still remains on the website and I have no idea how to clean it

Have you tried clearing your browser cache? maybe you are seeing a cached version even if the problem is fixed?

Do you have access to your site’s raw files and code? You can try to find it and manual delete the script that way.

Similarly, try to see if there is a backup you can restore?

Hopefully without impact any purchases that may have occurred.

Additionally, I hope that no data was stored locally regarding payment options and such…

2 Likes

Ask your host to roll the site back to a working snapshot from a few days ago. After that is done confirm that the update is still in place and move on.

To quote from the article I sent:

Since “admin_init” hooks can be called visiting either /wp-admin/admin-post.php or /wp-admin/admin-ajax.php, an unauthenticated attacker could use these endpoints to arbitrarily update the option “wplc_custom_js”. “

So you should go into your site’s admin panel or what have you, and find that option (wplc_custom_js) and reset it / remove the attacker’s malicious script include / maybe clear it?

Edit: Brent’s suggestion is probably the best, you can never be too sure that’s the only thing the attackers had access to.

Edit no. 2: Realized there’s a dedicated thread about this. Whoops. Mods can move these messages over to there if they care.

1 Like